PT-2009-5407 · Mozilla+1 · Firefox+1

Dan Kaminsky

Publicado

2009-09-09

Atualizado

2017-09-19

CVE-2009-3076

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 3.0.14

Description: The issue is related to the improper implementation of certain dialogs associated with the pkcs11.addmodule and pkcs11.deletemodule operations. This makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.

Recommendations: For versions prior to 3.0.14, update to version 3.0.14 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2009-3076

DSA-1885-1

RHSA-2009:1430

RHSA-2009:1431

RHSA-2009:1432

RHSA-2009_1430

RHSA-2009_1431

RHSA-2010:0153

RHSA-2010:0154

RHSA-2010_0153

RHSA-2010_0154

Produtos afetados

Firefox

Red Hat

PT-2009-5407 · Mozilla+1 · Firefox+1

CVE-2009-3076

Identificadores relacionados

Produtos afetados

Referências · 70