Revision Date: | 2013-04-29 | Version: | 12 | Title: | Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page. | Description: | Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page. | Family: | unix | Class: | vulnerability | Status: | ACCEPTED | Reference(s): | CVE-2009-2654
| Platform(s): | CentOS Linux 3 CentOS Linux 4 CentOS Linux 5 Oracle Linux 4 Oracle Linux 5 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5
| Product(s): | | Definition Synopsis | OS Section: RHEL3, CentOS3 RHEL3 or CentOS3
The operating system installed on the system is Red Hat Enterprise Linux 3
OR CentOS Linux 3.x
AND Configuration section
seamonkey-nspr is earlier than 0:1.0.9-0.45.el3
OR seamonkey-js-debugger is earlier than 0:1.0.9-0.45.el3
OR seamonkey-nss-devel is earlier than 0:1.0.9-0.45.el3
OR seamonkey is earlier than 0:1.0.9-0.45.el3
OR seamonkey-nspr-devel is earlier than 0:1.0.9-0.45.el3
OR seamonkey-mail is earlier than 0:1.0.9-0.45.el3
OR seamonkey-chat is earlier than 0:1.0.9-0.45.el3
OR seamonkey-devel is earlier than 0:1.0.9-0.45.el3
OR seamonkey-dom-inspector is earlier than 0:1.0.9-0.45.el3
OR seamonkey-nss is earlier than 0:1.0.9-0.45.el3
OR OS Section: RHEL4, CentOS4, Oracle Linux 4
RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND Configuration section
nspr is earlier than 0:4.7.5-1.el4_8
OR seamonkey-js-debugger is earlier than 0:1.0.9-48.el4_8
OR nspr-devel is earlier than 0:4.7.5-1.el4_8
OR seamonkey is earlier than 0:1.0.9-48.el4_8
OR firefox is earlier than 0:3.0.14-1.el4
OR seamonkey-mail is earlier than 0:1.0.9-48.el4_8
OR seamonkey-chat is earlier than 0:1.0.9-48.el4_8
OR seamonkey-devel is earlier than 0:1.0.9-48.el4_8
OR seamonkey-dom-inspector is earlier than 0:1.0.9-48.el4_8
OR OS Section: RHEL5, CentOS5, Oracle Linux 5
RHEL5, CentOS5 or Oracle Linux 5
The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
xulrunner-devel-unstable is earlier than 0:1.9.0.14-1.el5_4
OR xulrunner-devel is earlier than 0:1.9.0.14-1.el5_4
OR nspr is earlier than 0:4.7.5-1.el5_4
OR firefox is earlier than 0:3.0.14-1.el5_4
OR nspr-devel is earlier than 0:4.7.5-1.el5_4
OR xulrunner is earlier than 0:1.9.0.14-1.el5_4
|
|