Mozilla Firefox Error Page Address Bar URI Spoofing Vulnerability

Bugtraq ID: 35803
Class: Input Validation Error
CVE: CVE-2009-2654
Remote: Yes
Local: No
Published: Jul 24 2009 12:00AM
Updated: Oct 23 2009 05:48PM
Credit: Juan Pablo Lopez Yacubian
Vulnerable: Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
SuSE SUSE Linux Enterprise Server 11 DEBUGINFO
SuSE SUSE Linux Enterprise Server 11
SuSE SUSE Linux Enterprise Server 10 SP3
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise SDK 10 SP3
SuSE SUSE Linux Enterprise SDK 10 SP2
SuSE SUSE Linux Enterprise Desktop 11
SuSE SUSE Linux Enterprise Desktop 10 SP3
SuSE SUSE Linux Enterprise Desktop 10 SP2
SuSE SUSE Linux Enterprise 11
SuSE SUSE Linux Enterprise 10 SP3 DEBUGINFO
SuSE SUSE Linux Enterprise 10 SP2 DEBUGINFO
Sun OpenSolaris build snv_121
Sun OpenSolaris build snv_120
Sun OpenSolaris build snv_119
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
RedHat Desktop 3.0
Red Hat Fedora 11
Red Hat Fedora 10
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux 5 Server
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.7 Beta
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0 Beta 5
Mozilla Firefox 3.0
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Avaya Messaging Storage Server MSS 3.0
Avaya Messaging Storage Server MM3.0
Avaya Messaging Storage Server 5.0
Avaya Messaging Storage Server 4.0
Avaya Messaging Storage Server 3.1
Avaya Messaging Storage Server 2.0
Avaya Messaging Storage Server 1.0
Avaya Messaging Storage Server
Avaya Message Networking MN 3.1
Avaya Message Networking 3.1
Avaya Message Networking
Avaya Intuity AUDIX LX R1.1
Avaya Intuity AUDIX LX 2.0 SP2
Avaya Intuity AUDIX LX 2.0 SP1
Avaya Intuity AUDIX LX 2.0
Avaya Intuity AUDIX LX 1.0
Not Vulnerable: Sun OpenSolaris build snv_122
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.13


 

Privacy Statement
Copyright 2010, SecurityFocus