Vulnerability Name:

CVE-2009-3986 (CCN-54803)

Assigned:2009-12-15
Published:2009-12-15
Updated:2017-09-19
Summary:Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.6 High (CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
5.6 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-94
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2009-3986

Source: CCN
Type: RHSA-2009-1674
Critical: firefox security update

Source: CCN
Type: SA37699
Mozilla Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
37699

Source: SECUNIA
Type: Vendor Advisory
37704

Source: CCN
Type: SA37785
Mozilla SeaMonkey Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
37785

Source: SECUNIA
Type: UNKNOWN
37813

Source: SECUNIA
Type: UNKNOWN
37856

Source: SECUNIA
Type: UNKNOWN
37881

Source: CCN
Type: SA37883
Avaya CMS Multiple Vulnerabilities

Source: CCN
Type: SA37919
Avaya Products Mozilla Firefox Multiple Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1023344
Mozilla Firefox 'window.opener' Flaw May Let Remote Users Gain Chrome Privileges

Source: SECTRACK
Type: Patch
1023344

Source: CCN
Type: SECTRACK ID: 1023345
Mozilla Seamonkey 'window.opener' Flaw May Let Remote Users Gain Chrome Privileges

Source: SECTRACK
Type: Patch
1023345

Source: DEBIAN
Type: UNKNOWN
DSA-1956

Source: DEBIAN
Type: DSA-1956
xulrunner -- several vulnerabilities

Source: CCN
Type: MFSA 2009-70
Privilege escalation via chrome window.opener

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2009/mfsa2009-70.html

Source: SUSE
Type: UNKNOWN
SUSE-SA:2009:063

Source: CCN
Type: OSVDB ID: 61095
Mozilla Multiple Browsers Chrome window.opener Property Privilege Escalation

Source: BID
Type: UNKNOWN
37349

Source: CCN
Type: BID-37349
RETIRED: Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities

Source: BID
Type: UNKNOWN
37365

Source: CCN
Type: BID-37365
Mozilla Firefox 'window.opener' Property Chrome Privilege Escalation Vulnerability

Source: CCN
Type: USN-873-1
Firefox 3.0 and Xulrunner 1.9 vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-873-1

Source: CCN
Type: USN-874-1
Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-874-1

Source: CCN
Type: USN-877-1
Firefox 3.0 and Xulrunner 1.9 regression

Source: CCN
Type: USN-878-1
Firefox 3.5 and Xulrunner 1.9.1 regression

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2009-3547

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=522430

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=546724

Source: XF
Type: UNKNOWN
firefox-windowopener-code-execution(54803)

Source: XF
Type: UNKNOWN
firefox-windowopener-code-execution(54803)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11568

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:8489

Source: REDHAT
Type: UNKNOWN
RHSA-2009:1674

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-13333

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-13362

Source: FEDORA
Type: UNKNOWN
FEDORA-2009-13366

Source: SUSE
Type: SUSE-SA:2009:063
Mozilla Firefox security update

Source: SUSE
Type: SUSE-SR:2009:020
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 3.0.15)
  • OR cpe:/a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:*:rc2:*:*:*:*:*:* (Version <= 2.0)
  • OR cpe:/a:mozilla:seamonkey:2.0a1:*:pre:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0a1pre:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:seamonkey:1.0::dev:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1::beta:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0::alpha:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0::beta:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1::alpha:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*
  • AND
  • cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:message_networking:-:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:-:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20093986
    V
    		CVE-2009-3986
    2022-05-20
    oval:org.opensuse.security:def:31300
    P
    		Security update for MozillaFirefox (Important)
    2021-11-17
    oval:org.opensuse.security:def:31168
    P
    		Security update for cups (Important)
    2021-04-30
    oval:org.opensuse.security:def:31748
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31692
    P
    		Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:31083
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:31082
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:42021
    P
    		mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35614
    P
    		mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25369
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25941
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25507
    P
    		Security update for git (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31094
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26614
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31836
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:25742
    P
    		Security update for ceph (Important)
    2020-12-01
    oval:org.opensuse.security:def:25166
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31902
    P
    		Security update for MozillaFirefox, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:25844
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31449
    P
    		Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25241
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32579
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25897
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25450
    P
    		Security update for bluez (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26579
    P
    		libMagickCore1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31797
    P
    		Recommended update for NetworkManager-kde4 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25591
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25165
    P
    		Security update for squid (Important)
    2020-12-01
    oval:org.opensuse.security:def:31858
    P
    		Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:25795
    P
    		Security update for kernel-source (Important)
    2020-12-01
    oval:org.opensuse.security:def:31392
    P
    		Security update for pam-modules (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25177
    P
    		Security update for mariadb-connector-c (Important)
    2020-12-01
    oval:org.opensuse.security:def:32540
    P
    		krb5-doc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25883
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31536
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:29342
    P
    		RHSA-2009:1674 -- firefox security update (Critical)
    2015-08-17
    oval:org.mitre.oval:def:8489
    V
    		Mozilla Firefox 'window.opener' Property Chrome Privilege Escalation Vulnerability
    2014-10-06
    oval:org.mitre.oval:def:13283
    P
    		USN-877-1 -- firefox-3.0, xulrunner-1.9 regression
    2014-06-30
    oval:org.mitre.oval:def:12557
    P
    		USN-878-1 -- firefox-3.5, xulrunner-1.9.1 regression
    2014-06-30
    oval:org.mitre.oval:def:13933
    P
    		USN-874-1 -- firefox-3.5, xulrunner-1.9.1 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13002
    P
    		USN-873-1 -- firefox-3.0, xulrunner-1.9 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13666
    P
    		DSA-1956-1 xulrunner -- several
    2014-06-23
    oval:org.mitre.oval:def:7038
    P
    		DSA-1956 xulrunner -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22838
    P
    		ELSA-2009:1674: firefox security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:11568
    V
    		Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property.
    2013-04-29
    oval:com.redhat.rhsa:def:20091674
    P
    		RHSA-2009:1674: firefox security update (Critical)
    2009-12-16
    oval:org.debian:def:1956
    V
    		several vulnerabilities
    2009-12-16
    BACK
    mozilla firefox 0.1
    mozilla firefox 0.2
    mozilla firefox 0.3
    mozilla firefox 0.4
    mozilla firefox 0.5
    mozilla firefox 0.6
    mozilla firefox 0.6.1
    mozilla firefox 0.7
    mozilla firefox 0.7.1
    mozilla firefox 0.8
    mozilla firefox 0.9
    mozilla firefox 0.9 rc
    mozilla firefox 0.9.1
    mozilla firefox 0.9.2
    mozilla firefox 0.9.3
    mozilla firefox 0.10
    mozilla firefox 0.10.1
    mozilla firefox 1.0
    mozilla firefox 1.0 preview_release
    mozilla firefox 1.0.1
    mozilla firefox 1.0.2
    mozilla firefox 1.0.3
    mozilla firefox 1.0.4
    mozilla firefox 1.0.5
    mozilla firefox 1.0.6
    mozilla firefox 1.0.7
    mozilla firefox 1.0.8
    mozilla firefox 1.4.1
    mozilla firefox 1.5
    mozilla firefox 1.5 beta1
    mozilla firefox 1.5 beta2
    mozilla firefox 1.5.0.1
    mozilla firefox 1.5.0.2
    mozilla firefox 1.5.0.3
    mozilla firefox 1.5.0.4
    mozilla firefox 1.5.0.5
    mozilla firefox 1.5.0.6
    mozilla firefox 1.5.0.7
    mozilla firefox 1.5.0.8
    mozilla firefox 1.5.0.9
    mozilla firefox 1.5.0.10
    mozilla firefox 1.5.0.11
    mozilla firefox 1.5.0.12
    mozilla firefox 1.5.1
    mozilla firefox 1.5.2
    mozilla firefox 1.5.3
    mozilla firefox 1.5.4
    mozilla firefox 1.5.5
    mozilla firefox 1.5.6
    mozilla firefox 1.5.7
    mozilla firefox 1.5.8
    mozilla firefox 1.8
    mozilla firefox 2.0
    mozilla firefox 2.0 beta1
    mozilla firefox 2.0 beta_1
    mozilla firefox 2.0 rc2
    mozilla firefox 2.0 rc3
    mozilla firefox 2.0.0.1
    mozilla firefox 2.0.0.2
    mozilla firefox 2.0.0.3
    mozilla firefox 2.0.0.4
    mozilla firefox 2.0.0.5
    mozilla firefox 2.0.0.6
    mozilla firefox 2.0.0.7
    mozilla firefox 2.0.0.8
    mozilla firefox 2.0.0.9
    mozilla firefox 2.0.0.10
    mozilla firefox 2.0.0.11
    mozilla firefox 2.0.0.12
    mozilla firefox 2.0.0.13
    mozilla firefox 2.0.0.14
    mozilla firefox 2.0.0.15
    mozilla firefox 2.0.0.16
    mozilla firefox 2.0.0.17
    mozilla firefox 2.0.0.18
    mozilla firefox 2.0.0.19
    mozilla firefox 2.0.0.20
    mozilla firefox 2.0.0.21
    mozilla firefox 2.0_.1
    mozilla firefox 2.0_.4
    mozilla firefox 2.0_.5
    mozilla firefox 2.0_.6
    mozilla firefox 2.0_.7
    mozilla firefox 2.0_.9
    mozilla firefox 2.0_.10
    mozilla firefox 2.0_8
    mozilla firefox 3.0
    mozilla firefox 3.0 alpha
    mozilla firefox 3.0 beta2
    mozilla firefox 3.0 beta5
    mozilla firefox 3.0.1
    mozilla firefox 3.0.2
    mozilla firefox 3.0.3
    mozilla firefox 3.0.4
    mozilla firefox 3.0.5
    mozilla firefox 3.0.6
    mozilla firefox 3.0.7
    mozilla firefox 3.0.8
    mozilla firefox 3.0.9
    mozilla firefox 3.0.10
    mozilla firefox 3.0.11
    mozilla firefox 3.0.12
    mozilla firefox 3.0.13
    mozilla firefox 3.0.14
    mozilla firefox *
    mozilla firefox 3.5.1
    mozilla firefox 3.5.2
    mozilla firefox 3.5.3
    mozilla firefox 3.5.4
    mozilla firefox 3.5.5
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0 alpha
    mozilla seamonkey 1.0 beta
    mozilla seamonkey 1.0.1
    mozilla seamonkey 1.0.2
    mozilla seamonkey 1.0.3
    mozilla seamonkey 1.0.4
    mozilla seamonkey 1.0.5
    mozilla seamonkey 1.0.6
    mozilla seamonkey 1.0.7
    mozilla seamonkey 1.0.8
    mozilla seamonkey 1.0.9
    mozilla seamonkey 1.0.99
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1 alpha
    mozilla seamonkey 1.1 beta
    mozilla seamonkey 1.1.1
    mozilla seamonkey 1.1.2
    mozilla seamonkey 1.1.3
    mozilla seamonkey 1.1.4
    mozilla seamonkey 1.1.5
    mozilla seamonkey 1.1.6
    mozilla seamonkey 1.1.7
    mozilla seamonkey 1.1.8
    mozilla seamonkey 1.1.9
    mozilla seamonkey 1.1.10
    mozilla seamonkey 1.1.11
    mozilla seamonkey 1.1.12
    mozilla seamonkey 1.1.13
    mozilla seamonkey 1.1.14
    mozilla seamonkey 1.1.15
    mozilla seamonkey 1.1.16
    mozilla seamonkey 1.1.17
    mozilla seamonkey 1.5.0.8
    mozilla seamonkey 1.5.0.9
    mozilla seamonkey 1.5.0.10
    mozilla seamonkey 2.0
    mozilla seamonkey 2.0 alpha_1
    mozilla seamonkey 2.0 alpha_2
    mozilla seamonkey 2.0 alpha_3
    mozilla seamonkey 2.0 beta_1
    mozilla seamonkey 2.0 beta_2
    mozilla seamonkey 2.0 rc1
    mozilla seamonkey * rc2
    mozilla seamonkey 2.0a1
    mozilla seamonkey 2.0a1pre
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0.5
    mozilla seamonkey 1.0.7
    mozilla seamonkey 1.0.2
    mozilla seamonkey 1.1.3
    mozilla seamonkey 1.1.2
    mozilla seamonkey 1.1.1
    mozilla seamonkey 1.1.4
    mozilla seamonkey 1.1.5
    mozilla seamonkey 1.1.6
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0.1
    mozilla seamonkey 1.0.3
    mozilla seamonkey 1.0.4
    mozilla seamonkey 1.0.6
    mozilla seamonkey 1.0.8
    mozilla seamonkey 1.0.9
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1.7
    mozilla seamonkey 1.1.8
    mozilla seamonkey 1.1.9
    mozilla seamonkey 1.1
    mozilla seamonkey 1.0
    mozilla seamonkey 1.0
    mozilla firefox 3.0.1
    mozilla seamonkey 1.1.10
    mozilla seamonkey 1.1.11
    mozilla seamonkey 1.1.12
    mozilla seamonkey 1.1.13
    mozilla seamonkey 1.1.14
    mozilla seamonkey 1.1
    mozilla seamonkey 1.1.15
    mozilla firefox 3.0.10
    mozilla firefox 3.5
    mozilla firefox 3.5.1
    mozilla firefox 3.0.12
    mozilla firefox 3.0.13
    mozilla firefox 3.5.2
    mozilla firefox 3.0.11
    mozilla firefox 3.5.3
    mozilla firefox 3.5.4
    mozilla seamonkey 1.0.99
    mozilla seamonkey 1.5.0.8
    mozilla seamonkey 1.5.0.9
    mozilla seamonkey 1.5.0.10
    mozilla firefox 3.0.14
    mozilla firefox 3.5.5
    mozilla seamonkey 2.0
    mozilla firefox 3.0.15
    suse suse linux 9.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    avaya intuity audix lx *
    avaya message networking -
    canonical ubuntu 6.06
    novell suse linux enterprise server 10 sp2
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    avaya communication manager -
    canonical ubuntu 8.04
    novell opensuse 11.0
    novell suse linux enterprise server 10 sp2
    mandriva linux 2009.0 -
    debian debian linux 5.0
    mandriva linux 2009.1
    mandriva linux 2009.1
    mandriva enterprise server 5
    mandriva enterprise server 5
    mandriva linux 2010
    mandriva linux 2010