PT-2009-5407 · Mozilla+1 · Firefox+1

Dan Kaminsky

Published

2009-09-09

Updated

2017-09-19

CVE-2009-3076

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 3.0.14

Description: The issue is related to the improper implementation of certain dialogs associated with the pkcs11.addmodule and pkcs11.deletemodule operations. This makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.

Recommendations: For versions prior to 3.0.14, update to version 3.0.14 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-3076

DSA-1885-1

RHSA-2009:1430

RHSA-2009:1431

RHSA-2009:1432

RHSA-2009_1430

RHSA-2009_1431

RHSA-2010:0153

RHSA-2010:0154

RHSA-2010_0153

RHSA-2010_0154

Affected Products

Firefox

Red Hat

PT-2009-5407 · Mozilla+1 · Firefox+1

CVE-2009-3076

Related Identifiers

Affected Products

References · 70