what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2009-3376

Status Candidate

Overview

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.

Related Files

Ubuntu Security Notice 915-1
Posted Mar 19, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 915-1 - Several flaws were discovered in the JavaScript engine of Thunderbird. Josh Soref discovered that the BinHex decoder used in Thunderbird contained a flaw. It was discovered that Thunderbird did not properly manage memory when using XUL tree elements. Jesse Ruderman and Sid Stamm discovered that Thunderbird did not properly display filenames containing right-to-left (RTL) override characters. Takehiro Takahashi discovered flaws in the NTLM implementation in Thunderbird. Ludovic Hirlimann discovered a flaw in the way Thunderbird indexed certain messages with attachments.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2009-0689, CVE-2009-2463, CVE-2009-3072, CVE-2009-3075, CVE-2009-3077, CVE-2009-3376, CVE-2009-3983, CVE-2010-0163
SHA-256 | 4abd2d6f36bedce62d8e1eed0ee21108af3268f19a75e5e592dec1d303db0131
VMware Security Advisory 2010-0001
Posted Jan 7, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - Service console packages for Network Security Services (NSS) and NetScape Portable Runtime (NSPR) are updated to versions nss-3.12.3.99.3-1.2157 and nspr-4.7.6-1.2213 respectively. This patch fixes several security issues in the service console packages for NSS and NSPR.

tags | advisory
advisories | CVE-2009-2409, CVE-2009-2408, CVE-2009-2404, CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | 750bfc5b2e28a67af487861fbcc96e099b1881a6cbe999078d4626cf32cfde37
Mandriva Linux Security Advisory 2009-290
Posted Dec 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in firefox 3.0.x.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | d427b7335ca3b2bd0e78ec0908a1797eb3e8671e91a8ae002fc03da4802fb66b
Mandriva Linux Security Advisory 2009-294
Posted Nov 6, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-294 - Security issues were identified and fixed in Firefox 3.5.x.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3371, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3377, CVE-2009-3378, CVE-2009-3379, CVE-2009-3380
SHA-256 | 4addcca5fafa803913097baa6c63f7a85816ac4e4393a557c0051bbed68d1b5b
Ubuntu Security Notice 853-1
Posted Nov 3, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 853-1 - Various vulnerabilities in Firefox and XULRunner have been addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3371, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3377, CVE-2009-3380, CVE-2009-3381, CVE-2009-3382, CVE-2009-3383
SHA-256 | f50fa4b2a88547c5439a7c01db10ed6b6670dedefe78df956584118149cf91ab
Mandriva Linux Security Advisory 2009-290
Posted Oct 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in Firefox 3.0.x. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | 81cd4ae6c0e4a6fbd63e6be6811775c38ed6270fdf26efb68f1373d24354eb81
Debian Linux Security Advisory 1922-1
Posted Oct 28, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1922-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | a220a510e52acdc35e63b91c7fafa29b451ce1d41d75745b324d947eec52a426
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close