PT-2009-5682 · Mozilla+1 · Firefox+1

Gregory Fleischer

Publicado

2009-10-27

Atualizado

2024-12-12

CVE-2009-3375

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.0.x through 3.0.14 Mozilla Firefox versions 3.5.x through 3.5.3

Description The issue allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection. This is achieved via the document.getSelection function.

Recommendations For Mozilla Firefox versions 3.0.x through 3.0.14, update to version 3.0.15 or later. For Mozilla Firefox versions 3.5.x through 3.5.3, update to version 3.5.4 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2009-3375

DSA-1922-1

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:14572-1

RHSA-2009:1530

RHSA-2009:1531

RHSA-2009_1530

RHSA-2009_1531

Produtos afetados

Firefox

Red Hat

PT-2009-5682 · Mozilla+1 · Firefox+1

CVE-2009-3375

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2092