Showing 1 - 7 of 7

CVE-2009-3376

Status Candidate

Overview

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.

Related Files

Ubuntu Security Notice 915-1: Posted Mar 19, 2010; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 915-1 - Several flaws were discovered in the JavaScript engine of Thunderbird. Josh Soref discovered that the BinHex decoder used in Thunderbird contained a flaw. It was discovered that Thunderbird did not properly manage memory when using XUL tree elements. Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly display filenames containing right-to-left (RTL) override characters. Takehiro Takahashi discovered flaws in the NTLM implementation in Thunderbird. Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain messages with attachments.; tags | advisory, javascript; systems | linux, ubuntu; advisories | CVE-2009-0689, CVE-2009-2463, CVE-2009-3072, CVE-2009-3075, CVE-2009-3077, CVE-2009-3376, CVE-2009-3983, CVE-2010-0163; SHA-256 | 4abd2d6f36bedce62d8e1eed0ee21108af3268f19a75e5e592dec1d303db0131; Download | Favorite | View

VMware Security Advisory 2010-0001: Posted Jan 7, 2010; Authored by VMware | Site vmware.com; VMware Security Advisory - Service console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR) are updated to versions nss-3.12.3.99.3-1.2157 and nspr-4.7.6-1.2213 respectively. This patch fixes several security issues in the service console packages for NSS and NSPR.; tags | advisory; advisories | CVE-2009-2409, CVE-2009-2408, CVE-2009-2404, CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382; SHA-256 | 750bfc5b2e28a67af487861fbcc96e099b1881a6cbe999078d4626cf32cfde37; Download | Favorite | View

Mandriva Linux Security Advisory 2009-290: Posted Dec 4, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in firefox 3.0.x.; tags | advisory; systems | linux, mandriva; advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382; SHA-256 | d427b7335ca3b2bd0e78ec0908a1797eb3e8671e91a8ae002fc03da4802fb66b; Download | Favorite | View

Mandriva Linux Security Advisory 2009-294: Posted Nov 6, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-294 - Security issues were identified and fixed in Firefox 3.5.x.; tags | advisory; systems | linux, mandriva; advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3371, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3377, CVE-2009-3378, CVE-2009-3379, CVE-2009-3380; SHA-256 | 4addcca5fafa803913097baa6c63f7a85816ac4e4393a557c0051bbed68d1b5b; Download | Favorite | View

Ubuntu Security Notice 853-1: Posted Nov 3, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 853-1 - Various vulnerabilities in Firefox and XULRunner have been addressed.; tags | advisory, vulnerability; systems | linux, ubuntu; advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3371, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3377, CVE-2009-3380, CVE-2009-3381, CVE-2009-3382, CVE-2009-3383; SHA-256 | f50fa4b2a88547c5439a7c01db10ed6b6670dedefe78df956584118149cf91ab; Download | Favorite | View

Mandriva Linux Security Advisory 2009-290: Posted Oct 29, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in Firefox 3.0.x. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.; tags | advisory; systems | linux, mandriva; advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382; SHA-256 | 81cd4ae6c0e4a6fbd63e6be6811775c38ed6270fdf26efb68f1373d24354eb81; Download | Favorite | View

Debian Linux Security Advisory 1922-1: Posted Oct 28, 2009; Authored by Debian | Site debian.org; Debian Linux Security Advisory 1922-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.; tags | advisory, remote, web, vulnerability; systems | linux, debian; advisories | CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382; SHA-256 | a220a510e52acdc35e63b91c7fafa29b451ce1d41d75745b324d947eec52a426; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 60 files
Debian 19 files
Gentoo 8 files
Apple 5 files
Google Security Research 4 files
Jann Horn 3 files
Spencer McIntyre 3 files
LiquidWorm 3 files
Pierre Kim 2 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2009-3376

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems