CVE-2009-2472

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.0.12 libmozjs-dev (affected versions not specified) libmozjs1d (affected versions not specified) libmozjs1d-dbg (affected versions not specified) libmozillainterfaces-java (affected versions not specified)

Description The issue concerns multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including libmozjs-dev, libmozjs1d, libmozjs1d-dbg, and libmozillainterfaces-java. These vulnerabilities can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Additionally, Mozilla Firefox before version 3.0.12 is vulnerable to a "cross origin wrapper bypass" that allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document.

Recommendations For Mozilla Firefox versions prior to 3.0.12, update to version 3.0.12 or later to resolve the issue. For libmozjs-dev, libmozjs1d, libmozjs1d-dbg, and libmozillainterfaces-java, at the moment, there is no information about a newer version that contains a fix for this vulnerability.