| Revision Date: | 2013-04-29 | Version: | 12 | | Title: | Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack. | | Description: | Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2009-1839
| | Platform(s): | CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
| Product(s): | | | Definition Synopsis | | OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND firefox is earlier than 0:3.0.11-4.el4
OR OS Section: RHEL5, CentOS5, Oracle Linux 5
RHEL5, CentOS5 or Oracle Linux 5
The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
xulrunner-devel-unstable is earlier than 0:1.9.0.11-3.el5_3
OR xulrunner-devel is earlier than 0:1.9.0.11-3.el5_3
OR firefox is earlier than 0:3.0.11-2.el5_3
OR xulrunner is earlier than 0:1.9.0.11-3.el5_3
|
|