FKIE_CVE-2009-3374

Vulnerability from fkie_nvd - Published: 2009-10-29 14:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects."
References
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2009:294
cve@mitre.orghttp://www.mozilla.org/security/announce/2009/mfsa2009-57.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/3334
cve@mitre.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=505988
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6565
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9789
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2009/mfsa2009-57.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/3334
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=505988
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6565
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9789
Impacted products
Vendor Product Version
mozilla firefox 3.0
mozilla firefox 3.0.1
mozilla firefox 3.0.2
mozilla firefox 3.0.3
mozilla firefox 3.0.4
mozilla firefox 3.0.5
mozilla firefox 3.0.6
mozilla firefox 3.0.7
mozilla firefox 3.0.8
mozilla firefox 3.0.9
mozilla firefox 3.0.10
mozilla firefox 3.0.11
mozilla firefox 3.0.12
mozilla firefox 3.0.13
mozilla firefox 3.5.1
mozilla firefox 3.5.2
mozilla firefox 3.5.3
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "20139741-10B1-4E4B-8D5F-A715042049C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E07FED-ABDB-4B0A-AB2E-4CBF1EAC4301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A6558F1-9E0D-4107-909A-8EF4BC8A9C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "63DF3D65-C992-44CF-89B4-893526C6242E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9024117-2E8B-4240-9E21-CC501F3879B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBC3CAD3-2F54-4E32-A0C9-0D826C45AC23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "52624B41-AB34-40AD-8709-D9646B618AB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "917E9856-9556-4FD6-A834-858F8837A6B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "98BBD74D-930C-4D80-A91B-0D61347BAA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAF2E696-883D-4DE5-8B79-D8E5D9470253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E04FD9-38E8-462D-82C2-729F7F7F0465",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5888517E-3C57-4A0A-9895-EA4BCB0A0ED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BB21291-B9F3-445E-A9E9-EA1822083DD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D595F649-ECBE-45E0-8AAD-BCBC65A654B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "031E8624-5161-43AF-AF19-6BAB5A94FDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "54186D4A-C6F0-44AD-94FB-73B4346ABB6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E50AD9-BA35-4817-BD4D-5D678FC5A3C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to \"doubly-wrapped objects.\""
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n XPCVariant::VariantDataToJS en la implementacion XPCOM en Mozilla Firefox v3.0.x anteriores a v3.0.15 y v3.5.x anteriores a v3.5.4  no aplica adecuadamente las restricciones previstas en la interacci\u00f3n entre c\u00f3digo del chrome y objetos procedentes de paginas web remotas, lo que permite a atacantes remotos ejecutar JavaScript arbitrario con privilegios chrome a trav\u00e9s de m\u00e9todos de llama sin especificar, relacionado con \"objetos doubly-wrapped\"."
    }
  ],
  "id": "CVE-2009-3374",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-10-29T14:30:00.937",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:294"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-57.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/3334"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=505988"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6565"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9789"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:294"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-57.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/3334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=505988"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6565"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9789"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.