CVE-2009-1311

Severity

Theme

CVE-2009-1311

medium

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame.

ID	Name	Product	Family	Severity
67848	Oracle Linux 3 / 4 : seamonkey (ELSA-2009-0437)	Nessus	Oracle Linux Local Security Checks	medium
67847	Oracle Linux 4 / 5 : firefox (ELSA-2009-0436)	Nessus	Oracle Linux Local Security Checks	medium
63402	GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)	Nessus	Gentoo Local Security Checks	critical
60573	Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
60572	Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
43743	CentOS 4 / 5 : firefox (CESA-2009:0436)	Nessus	CentOS Local Security Checks	medium
42327	openSUSE 10 Security Update : seamonkey (seamonkey-6538)	Nessus	SuSE Local Security Checks	high
42206	openSUSE Security Update : seamonkey (seamonkey-1364)	Nessus	SuSE Local Security Checks	high
42202	openSUSE Security Update : seamonkey (seamonkey-1364)	Nessus	SuSE Local Security Checks	high
42048	SuSE9 Security Update : epiphany (YOU Patch Number 12519)	Nessus	SuSE Local Security Checks	high
41437	SuSE 11 Security Update : Mozilla (SAT Patch Number 834)	Nessus	SuSE Local Security Checks	medium
41354	SuSE 11 Security Update : MozillaFirefox (SAT Patch Number 835)	Nessus	SuSE Local Security Checks	medium
40280	openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-832)	Nessus	SuSE Local Security Checks	medium
40172	openSUSE Security Update : MozillaFirefox (MozillaFirefox-833)	Nessus	SuSE Local Security Checks	medium
40076	openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-832)	Nessus	SuSE Local Security Checks	medium
39889	openSUSE Security Update : MozillaFirefox (MozillaFirefox-833)	Nessus	SuSE Local Security Checks	medium
39846	Fedora 11 : seamonkey-1.1.17-1.fc11 (2009-7614)	Nessus	Fedora Local Security Checks	high
39845	Fedora 10 : seamonkey-1.1.17-1.fc10 (2009-7567)	Nessus	Fedora Local Security Checks	high
39522	Slackware 11.0 / 12.0 / 12.1 / 12.2 / current : seamonkey (SSA:2009-176-01)	Nessus	Slackware Local Security Checks	high
39494	SeaMonkey < 1.1.17 Multiple Vulnerabilities	Nessus	Windows	high
38899	CentOS 3 / 4 : seamonkey (CESA-2009:0437)	Nessus	CentOS Local Security Checks	medium
38853	Mandriva Linux Security Advisory : firefox (MDVSA-2009:111-1)	Nessus	Mandriva Local Security Checks	high
38724	Debian DSA-1797-1 : xulrunner - several vulnerabilities	Nessus	Debian Local Security Checks	medium
38160	Fedora 10 : Miro-2.0.3-3.fc10 / blam-1.8.5-9.fc10 / devhelp-0.22-7.fc10 / epiphany-2.24.3-5.fc10 / etc (2009-3893)	Nessus	Fedora Local Security Checks	medium
37309	Fedora 9 : Miro-2.0.3-3.fc9 / blam-1.8.5-8.fc9.1 / chmsee-1.0.1-11.fc9 / devhelp-0.19.1-11.fc9 / etc (2009-3875)	Nessus	Fedora Local Security Checks	medium
36228	Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-764-1)	Nessus	Ubuntu Local Security Checks	medium
4998	Mozilla Firefox < 3.0.9 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
36215	Firefox < 3.0.9 Multiple Vulnerabilities	Nessus	Windows	high
36214	RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2009:0437)	Nessus	Red Hat Local Security Checks	medium
36213	RHEL 4 / 5 : firefox (RHSA-2009:0436)	Nessus	Red Hat Local Security Checks	medium
36212	FreeBSD : mozilla -- multiple vulnerabilities (3b18e237-2f15-11de-9672-0030843d3802)	Nessus	FreeBSD Local Security Checks	medium
5084	SeaMonkey < 1.1.17 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
5001	Mozilla Thunderbird < 2.0.0.22 Multiple Vulnerabilities	Nessus Network Monitor	SMTP Clients	medium
801255	Mozilla SeaMonkey < 1.1.17 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801249	Mozilla Thunderbird < 2.0.0.21 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
800746	Firefox < 3.0.9 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high

CVE-2009-1311

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Tenable Plugins

medium

medium

critical

medium

medium

medium

high

high

high

high

medium

medium

medium

medium

medium

medium

high

high

high

high

medium

high

medium

medium

medium

medium

medium

high

medium

medium

medium

medium

medium

high

high

high