Executive Summary

Informations
Name CVE-2009-3985 First vendor Publication 2009-12-17
Vendor Cve Last vendor Modification 2017-09-19

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3985

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13002
 
Oval ID: oval:org.mitre.oval:def:13002
Title: USN-873-1 -- firefox-3.0, xulrunner-1.9 vulnerabilities
Description: Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack
Family: unix Class: patch
Reference(s): USN-873-1
CVE-2009-3979
CVE-2009-3981
CVE-2009-3986
CVE-2009-3983
CVE-2009-3984
CVE-2009-3985
Version: 5
Platform(s): Ubuntu 8.10
Ubuntu 8.04
Ubuntu 9.04
Product(s): firefox-3.0
xulrunner-1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13283
 
Oval ID: oval:org.mitre.oval:def:13283
Title: USN-877-1 -- firefox-3.0, xulrunner-1.9 regression
Description: USN-873-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and added additional stability fixes. We apologize for the inconvenience. Original advisory details: Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack
Family: unix Class: patch
Reference(s): USN-877-1
CVE-2009-3979
CVE-2009-3981
CVE-2009-3986
CVE-2009-3983
CVE-2009-3984
CVE-2009-3985
Version: 5
Platform(s): Ubuntu 8.10
Ubuntu 8.04
Ubuntu 9.04
Product(s): firefox-3.0
xulrunner-1.9
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8480
 
Oval ID: oval:org.mitre.oval:def:8480
Title: Mozilla Firefox and Sea Monkey Content Injection Spoofing Vulnerability
Description: Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3985
Version: 13
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Product(s): Mozilla Firefox
Mozilla Seamonkey
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9911
 
Oval ID: oval:org.mitre.oval:def:9911
Title: Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
Description: Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3985
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 192
Application 55

ExploitDB Exploits

id Description
2009-12-18 Mozilla Firefox Location Bar Spoofing Vulnerability

OpenVAS Exploits

Date Description
2011-08-09 Name : CentOS Update for firefox CESA-2009:1674 centos4 i386
File : nvt/gb_CESA-2009_1674_firefox_centos4_i386.nasl
2011-08-09 Name : CentOS Update for firefox CESA-2009:1674 centos5 i386
File : nvt/gb_CESA-2009_1674_firefox_centos5_i386.nasl
2010-01-15 Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 regression USN-877-1
File : nvt/gb_ubuntu_USN_877_1.nasl
2010-01-15 Name : Ubuntu Update for firefox-3.5, xulrunner-1.9.1 regression USN-878-1
File : nvt/gb_ubuntu_USN_878_1.nasl
2009-12-30 Name : Mandriva Security Advisory MDVSA-2009:339 (firefox)
File : nvt/mdksa_2009_339.nasl
2009-12-30 Name : Ubuntu USN-874-1 (xulrunner-1.9.1)
File : nvt/ubuntu_874_1.nasl
2009-12-30 Name : Ubuntu USN-873-1 (xulrunner-1.9)
File : nvt/ubuntu_873_1.nasl
2009-12-30 Name : SuSE Security Advisory SUSE-SA:2009:063 (MozillaFirefox)
File : nvt/suse_sa_2009_063.nasl
2009-12-30 Name : CentOS Security Advisory CESA-2009:1674 (firefox)
File : nvt/ovcesa2009_1674.nasl
2009-12-30 Name : RedHat Security Advisory RHSA-2009:1674
File : nvt/RHSA_2009_1674.nasl
2009-12-30 Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox43.nasl
2009-12-30 Name : Fedora Core 12 FEDORA-2009-13366 (gnome-python2-extras)
File : nvt/fcore_2009_13366.nasl
2009-12-30 Name : Fedora Core 12 FEDORA-2009-13362 (seamonkey)
File : nvt/fcore_2009_13362.nasl
2009-12-30 Name : Fedora Core 11 FEDORA-2009-13333 (firefox)
File : nvt/fcore_2009_13333.nasl
2009-12-30 Name : Debian Security Advisory DSA 1956-1 (xulrunner)
File : nvt/deb_1956_1.nasl
2009-12-23 Name : Firefox Multiple Vulnerabilities Dec-09 (Linux)
File : nvt/secpod_firefox_mult_vuln_dec09_lin01.nasl
2009-12-23 Name : Firefox Multiple Vulnerabilities Dec-09 (Linux)
File : nvt/secpod_firefox_mult_vuln_dec09_lin02.nasl
2009-12-23 Name : Firefox Multiple Vulnerabilities Dec-09 (Win)
File : nvt/secpod_firefox_mult_vuln_dec09_win01.nasl
2009-12-23 Name : Firefox Multiple Vulnerabilities Dec-09 (Win)
File : nvt/secpod_firefox_mult_vuln_dec09_win02.nasl
2009-12-23 Name : Seamonkey Multiple Vulnerabilities Dec-09 (Linux)
File : nvt/secpod_seamonkey_mult_vuln_dec09_lin.nasl
2009-12-23 Name : Seamonkey Multiple Vulnerabilities Dec-09 (Win)
File : nvt/secpod_seamonkey_mult_vuln_dec09_win.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
61099 Mozilla Multiple Browsers document.location Blank Page Content Spoofing

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1674.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1673.nasl - Type : ACT_GATHER_INFO
2013-01-08 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091216_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-6735.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-xulrunner190-6734.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-338.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1956.nasl - Type : ACT_GATHER_INFO
2010-01-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-878-1.nasl - Type : ACT_GATHER_INFO
2010-01-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-877-1.nasl - Type : ACT_GATHER_INFO
2010-01-03 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_seamonkey-091223.nasl - Type : ACT_GATHER_INFO
2009-12-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-339.nasl - Type : ACT_GATHER_INFO
2009-12-23 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_mozilla-xulrunner190-6736.nasl - Type : ACT_GATHER_INFO
2009-12-23 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-6733.nasl - Type : ACT_GATHER_INFO
2009-12-23 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_MozillaFirefox-091217.nasl - Type : ACT_GATHER_INFO
2009-12-23 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_MozillaFirefox-091221.nasl - Type : ACT_GATHER_INFO
2009-12-22 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_mozilla-xulrunner190-091217.nasl - Type : ACT_GATHER_INFO
2009-12-22 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_MozillaFirefox-091217.nasl - Type : ACT_GATHER_INFO
2009-12-22 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_MozillaFirefox-091217.nasl - Type : ACT_GATHER_INFO
2009-12-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-873-1.nasl - Type : ACT_GATHER_INFO
2009-12-21 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-874-1.nasl - Type : ACT_GATHER_INFO
2009-12-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1674.nasl - Type : ACT_GATHER_INFO
2009-12-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1673.nasl - Type : ACT_GATHER_INFO
2009-12-18 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-13366.nasl - Type : ACT_GATHER_INFO
2009-12-18 Name : The remote Fedora host is missing a security update.
File : fedora_2009-13362.nasl - Type : ACT_GATHER_INFO
2009-12-18 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2009-13333.nasl - Type : ACT_GATHER_INFO
2009-12-17 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_01c57d20ea2611debd3900248c9b4be7.nasl - Type : ACT_GATHER_INFO
2009-12-16 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : seamonkey_201.nasl - Type : ACT_GATHER_INFO
2009-12-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1674.nasl - Type : ACT_GATHER_INFO
2009-12-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1673.nasl - Type : ACT_GATHER_INFO
2009-12-16 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_356.nasl - Type : ACT_GATHER_INFO
2009-12-16 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_3016.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/37349
http://www.securityfocus.com/bid/37370
CONFIRM http://www.mozilla.org/security/announce/2009/mfsa2009-69.html
https://bugzilla.mozilla.org/show_bug.cgi?id=514232
https://bugzilla.redhat.com/show_bug.cgi?id=546726
DEBIAN http://www.debian.org/security/2009/dsa-1956
FEDORA https://www.redhat.com/archives/fedora-package-announce/2009-December/msg0099...
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg0103...
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg0104...
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT https://rhn.redhat.com/errata/RHSA-2009-1674.html
SECTRACK http://securitytracker.com/id?1023342
http://securitytracker.com/id?1023343
SECUNIA http://secunia.com/advisories/37699
http://secunia.com/advisories/37704
http://secunia.com/advisories/37785
http://secunia.com/advisories/37813
http://secunia.com/advisories/37856
http://secunia.com/advisories/37881
SUSE http://www.novell.com/linux/security/advisories/2009_63_firefox.html
UBUNTU http://www.ubuntu.com/usn/USN-873-1
http://www.ubuntu.com/usn/USN-874-1
VUPEN http://www.vupen.com/english/advisories/2009/3547
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/54808

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
Date Informations
2024-02-10 01:11:18
  • Multiple Updates
2024-02-02 01:11:55
  • Multiple Updates
2024-02-01 12:03:19
  • Multiple Updates
2023-09-05 12:11:10
  • Multiple Updates
2023-09-05 01:03:11
  • Multiple Updates
2023-09-02 12:11:16
  • Multiple Updates
2023-09-02 01:03:12
  • Multiple Updates
2023-08-12 12:13:14
  • Multiple Updates
2023-08-12 01:03:11
  • Multiple Updates
2023-08-11 12:11:18
  • Multiple Updates
2023-08-11 01:03:19
  • Multiple Updates
2023-08-06 12:10:52
  • Multiple Updates
2023-08-06 01:03:13
  • Multiple Updates
2023-08-04 12:10:57
  • Multiple Updates
2023-08-04 01:03:15
  • Multiple Updates
2023-07-14 12:10:54
  • Multiple Updates
2023-07-14 01:03:13
  • Multiple Updates
2023-03-29 01:12:29
  • Multiple Updates
2023-03-28 12:03:19
  • Multiple Updates
2022-10-11 12:09:42
  • Multiple Updates
2022-10-11 01:03:02
  • Multiple Updates
2021-05-04 12:10:28
  • Multiple Updates
2021-04-22 01:10:55
  • Multiple Updates
2020-10-14 01:04:54
  • Multiple Updates
2020-10-03 01:04:53
  • Multiple Updates
2020-05-29 01:04:28
  • Multiple Updates
2020-05-23 01:41:05
  • Multiple Updates
2020-05-23 00:24:35
  • Multiple Updates
2017-11-22 12:03:09
  • Multiple Updates
2017-09-19 09:23:30
  • Multiple Updates
2017-08-17 09:22:46
  • Multiple Updates
2016-06-28 17:53:56
  • Multiple Updates
2016-04-26 19:15:39
  • Multiple Updates
2014-02-17 10:52:21
  • Multiple Updates
2013-05-11 00:00:54
  • Multiple Updates