mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
208 lines
6.7 KiB
JSON
208 lines
6.7 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2009-1306",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a \"Content-Disposition: attachment\" designation."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-16.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-16.html"
|
|
},
|
|
{
|
|
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=474536",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=474536"
|
|
},
|
|
{
|
|
"name" : "DSA-1797",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2009/dsa-1797"
|
|
},
|
|
{
|
|
"name" : "FEDORA-2009-3875",
|
|
"refsource" : "FEDORA",
|
|
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00683.html"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2009:111",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:111"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2009:141",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:141"
|
|
},
|
|
{
|
|
"name" : "RHSA-2009:0436",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0436.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2009:0437",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2009-0437.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2009:1125",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1125.html"
|
|
},
|
|
{
|
|
"name" : "RHSA-2009:1126",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1126.html"
|
|
},
|
|
{
|
|
"name" : "264308",
|
|
"refsource" : "SUNALERT",
|
|
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1"
|
|
},
|
|
{
|
|
"name" : "SUSE-SR:2009:010",
|
|
"refsource" : "SUSE",
|
|
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
|
|
},
|
|
{
|
|
"name" : "USN-764-1",
|
|
"refsource" : "UBUNTU",
|
|
"url" : "https://usn.ubuntu.com/764-1/"
|
|
},
|
|
{
|
|
"name" : "USN-782-1",
|
|
"refsource" : "UBUNTU",
|
|
"url" : "http://www.ubuntu.com/usn/usn-782-1"
|
|
},
|
|
{
|
|
"name" : "34656",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/34656"
|
|
},
|
|
{
|
|
"name" : "oval:org.mitre.oval:def:10150",
|
|
"refsource" : "OVAL",
|
|
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10150"
|
|
},
|
|
{
|
|
"name" : "oval:org.mitre.oval:def:6021",
|
|
"refsource" : "OVAL",
|
|
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6021"
|
|
},
|
|
{
|
|
"name" : "oval:org.mitre.oval:def:6194",
|
|
"refsource" : "OVAL",
|
|
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6194"
|
|
},
|
|
{
|
|
"name" : "oval:org.mitre.oval:def:6312",
|
|
"refsource" : "OVAL",
|
|
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6312"
|
|
},
|
|
{
|
|
"name" : "oval:org.mitre.oval:def:6710",
|
|
"refsource" : "OVAL",
|
|
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6710"
|
|
},
|
|
{
|
|
"name" : "1022095",
|
|
"refsource" : "SECTRACK",
|
|
"url" : "http://www.securitytracker.com/id?1022095"
|
|
},
|
|
{
|
|
"name" : "34758",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/34758"
|
|
},
|
|
{
|
|
"name" : "34894",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/34894"
|
|
},
|
|
{
|
|
"name" : "34843",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/34843"
|
|
},
|
|
{
|
|
"name" : "34844",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/34844"
|
|
},
|
|
{
|
|
"name" : "34780",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/34780"
|
|
},
|
|
{
|
|
"name" : "35065",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/35065"
|
|
},
|
|
{
|
|
"name" : "35042",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/35042"
|
|
},
|
|
{
|
|
"name" : "35536",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/35536"
|
|
},
|
|
{
|
|
"name" : "ADV-2009-1125",
|
|
"refsource" : "VUPEN",
|
|
"url" : "http://www.vupen.com/english/advisories/2009/1125"
|
|
}
|
|
]
|
|
}
|
|
}
|