Vulnerability Name:

CVE-2009-1840 (CCN-51076)

Assigned:2009-06-11
Published:2009-06-11
Updated:2017-09-29
Summary:Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web script or an advertisement in a web page.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
1.8 Low (REDHAT CVSS v2 Vector: AV:A/AC:H/Au:N/C:P/I:N/A:N)
1.3 Low (REDHAT Temporal CVSS v2 Vector: AV:A/AC:H/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-264
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2009-1840

Source: OSVDB
Type: UNKNOWN
55158

Source: CCN
Type: RHSA-2009-1095
Critical: firefox security update

Source: CCN
Type: SA35331
Mozilla Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
35331

Source: SECUNIA
Type: UNKNOWN
35415

Source: SECUNIA
Type: Vendor Advisory
35431

Source: CCN
Type: SA35439
Mozilla SeaMonkey Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
35439

Source: CCN
Type: SA35440
Mozilla Thunderbird Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
35440

Source: SECUNIA
Type: UNKNOWN
35468

Source: CCN
Type: SECTRACK ID: 1022379
Mozilla Firefox XUL Script Policy Can By Bypassed By Remote Users

Source: SLACKWARE
Type: UNKNOWN
SSA:2009-167-01

Source: SUNALERT
Type: UNKNOWN
264308

Source: CCN
Type: ASA-2009-231
firefox security update (RHSA-2009-1095)

Source: DEBIAN
Type: UNKNOWN
DSA-1820

Source: DEBIAN
Type: DSA-1820
xulrunner -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:141

Source: CCN
Type: MFSA 2009-31
XUL scripts bypass content-policy checks

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2009/mfsa2009-31.html

Source: CCN
Type: OSVDB ID: 55158
Mozilla Multiple Products XUL Document Script Loading Content Policy Bypass

Source: BID
Type: Patch
35326

Source: CCN
Type: BID-35326
RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through 32 Multiple Vulnerabilities

Source: CCN
Type: BID-35377
Mozilla Firefox/Thunderbird/SeaMonkey XUL Scripts Content-Policy Check Security Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1022379

Source: CCN
Type: USN-779-1
Firefox and Xulrunner vulnerabilities

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2009-1572

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=477979

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=503582

Source: XF
Type: UNKNOWN
firefox-xul-security-bypass(51076)

Source: XF
Type: UNKNOWN
firefox-xul-security-bypass(51076)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9448

Source: REDHAT
Type: UNKNOWN
RHSA-2009:1095

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-6366

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-6411

Source: SUSE
Type: SUSE-SA:2009:034
Mozilla Firefox 3.0.11

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 3.0.10)
  • OR cpe:/a:mozilla:firefox:3.0beta5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:thunderbird:*:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
  • AND
  • cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20091840
    V
    		CVE-2009-1840
    2022-05-20
    oval:org.opensuse.security:def:31300
    P
    		Security update for MozillaFirefox (Important)
    2021-11-17
    oval:org.opensuse.security:def:31168
    P
    		Security update for cups (Important)
    2021-04-30
    oval:org.opensuse.security:def:31748
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31692
    P
    		Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:31083
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:35614
    P
    		mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31082
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:42021
    P
    		mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25507
    P
    		Security update for git (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31094
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26614
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31836
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:25742
    P
    		Security update for ceph (Important)
    2020-12-01
    oval:org.opensuse.security:def:25166
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31902
    P
    		Security update for MozillaFirefox, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:25844
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31449
    P
    		Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25241
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32579
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25897
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25450
    P
    		Security update for bluez (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26579
    P
    		libMagickCore1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31797
    P
    		Recommended update for NetworkManager-kde4 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25591
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25165
    P
    		Security update for squid (Important)
    2020-12-01
    oval:org.opensuse.security:def:31858
    P
    		Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:25795
    P
    		Security update for kernel-source (Important)
    2020-12-01
    oval:org.opensuse.security:def:31392
    P
    		Security update for pam-modules (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25177
    P
    		Security update for mariadb-connector-c (Important)
    2020-12-01
    oval:org.opensuse.security:def:32540
    P
    		krb5-doc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25883
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31536
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25369
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25941
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.mitre.oval:def:29396
    P
    		RHSA-2009:1095 -- firefox security update (Critical)
    2015-08-17
    oval:org.mitre.oval:def:13939
    P
    		USN-779-1 -- firefox-3.0, xulrunner-1.9 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13425
    P
    		DSA-1820-1 xulrunner -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7872
    P
    		DSA-1820 xulrunner -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22817
    P
    		ELSA-2009:1095: firefox security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:9448
    V
    		Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web script or an advertisement in a web page.
    2013-04-29
    oval:org.debian:def:1820
    V
    		several vulnerabilities
    2009-06-18
    oval:com.redhat.rhsa:def:20091095
    P
    		RHSA-2009:1095: firefox security update (Critical)
    2009-06-11
    BACK
    mozilla firefox 3.0
    mozilla firefox 3.0 alpha
    mozilla firefox 3.0 beta2
    mozilla firefox 3.0 beta5
    mozilla firefox 3.0.1
    mozilla firefox 3.0.2
    mozilla firefox 3.0.3
    mozilla firefox 3.0.4
    mozilla firefox 3.0.5
    mozilla firefox 3.0.6
    mozilla firefox 3.0.7
    mozilla firefox 3.0.8
    mozilla firefox 3.0.9
    mozilla firefox *
    mozilla firefox 3.0beta5
    mozilla firefox 3.1 beta1
    mozilla seamonkey *
    mozilla thunderbird *
    mozilla firefox 2.0
    mozilla firefox 2.0.0.1
    mozilla firefox 2.0.0.2
    mozilla firefox 2.0.0.3
    mozilla firefox 2.0.0.4
    mozilla firefox 2.0.0.5
    mozilla firefox 2.0.0.6
    mozilla firefox 2.0.0.9
    mozilla firefox 3.0 alpha
    mozilla firefox 2.0.0.7
    mozilla firefox 2.0.0.8
    mozilla firefox 2.0.0.11
    mozilla firefox 2.0.0.12
    mozilla firefox 2.0 beta1
    mozilla firefox 2.0 rc2
    mozilla firefox 2.0 rc3
    mozilla firefox 2.0.0.10
    mozilla firefox 2.0.0.13
    mozilla firefox 3.0 beta5
    mozilla firefox 3.0 beta2
    mozilla firefox 2.0.0.14
    mozilla firefox 3.0
    mozilla firefox 2.0.0.15
    mozilla firefox 3.0.1
    mozilla firefox 2.0.0.16
    mozilla firefox 2.0.0.17
    mozilla firefox 2.0.0.18
    mozilla firefox 2.0.0.19
    mozilla firefox 3.0.10
    suse suse linux 9.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    canonical ubuntu 8.04
    novell opensuse 11.0
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    debian debian linux 5.0
    mandriva linux 2009.1
    mandriva linux 2009.1