exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2009-3376

Status Candidate

Overview

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.

Related Files

Ubuntu Security Notice 915-1
Posted Mar 19, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 915-1 - Several flaws were discovered in the JavaScript engine of Thunderbird. Josh Soref discovered that the BinHex decoder used in Thunderbird contained a flaw. It was discovered that Thunderbird did not properly manage memory when using XUL tree elements. Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly display filenames containing right-to-left (RTL) override characters. Takehiro Takahashi discovered flaws in the NTLM implementation in Thunderbird. Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain messages with attachments.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2009-0689, CVE-2009-2463, CVE-2009-3072, CVE-2009-3075, CVE-2009-3077, CVE-2009-3376, CVE-2009-3983, CVE-2010-0163
SHA-256 | 4abd2d6f36bedce62d8e1eed0ee21108af3268f19a75e5e592dec1d303db0131
VMware Security Advisory 2010-0001
Posted Jan 7, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - Service console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR) are updated to versions nss-3.12.3.99.3-1.2157 and nspr-4.7.6-1.2213 respectively. This patch fixes several security issues in the service console packages for NSS and NSPR.

tags | advisory
advisories | CVE-2009-2409, CVE-2009-2408, CVE-2009-2404, CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | 750bfc5b2e28a67af487861fbcc96e099b1881a6cbe999078d4626cf32cfde37
Mandriva Linux Security Advisory 2009-290
Posted Dec 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in firefox 3.0.x.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | d427b7335ca3b2bd0e78ec0908a1797eb3e8671e91a8ae002fc03da4802fb66b
Mandriva Linux Security Advisory 2009-294
Posted Nov 6, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-294 - Security issues were identified and fixed in Firefox 3.5.x.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3371, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3377, CVE-2009-3378, CVE-2009-3379, CVE-2009-3380
SHA-256 | 4addcca5fafa803913097baa6c63f7a85816ac4e4393a557c0051bbed68d1b5b
Ubuntu Security Notice 853-1
Posted Nov 3, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 853-1 - Various vulnerabilities in Firefox and XULRunner have been addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3371, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3377, CVE-2009-3380, CVE-2009-3381, CVE-2009-3382, CVE-2009-3383
SHA-256 | f50fa4b2a88547c5439a7c01db10ed6b6670dedefe78df956584118149cf91ab
Mandriva Linux Security Advisory 2009-290
Posted Oct 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in Firefox 3.0.x. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | 81cd4ae6c0e4a6fbd63e6be6811775c38ed6270fdf26efb68f1373d24354eb81
Debian Linux Security Advisory 1922-1
Posted Oct 28, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1922-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | a220a510e52acdc35e63b91c7fafa29b451ce1d41d75745b324d947eec52a426
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close