Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-3374
Description:The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects."
Test IDs: 1.3.6.1.4.1.25623.1.0.66194   1.3.6.1.4.1.25623.1.0.66146   1.3.6.1.4.1.25623.1.0.66144  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-3374
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6565
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9789
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
http://www.vupen.com/english/advisories/2009/3334




© 1998-2024 E-Soft Inc. All rights reserved.