CVE-2009-1838

HIGH

Description

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.

References

http://osvdb.org/55157

http://rhn.redhat.com/errata/RHSA-2009-1096.html

http://secunia.com/advisories/35331

http://secunia.com/advisories/35415

http://secunia.com/advisories/35428

http://secunia.com/advisories/35431

http://secunia.com/advisories/35439

http://secunia.com/advisories/35440

http://secunia.com/advisories/35468

http://secunia.com/advisories/35536

http://secunia.com/advisories/35561

http://secunia.com/advisories/35602

http://secunia.com/advisories/35882

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408

http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1

http://www.debian.org/security/2009/dsa-1820

http://www.debian.org/security/2009/dsa-1830

http://www.mandriva.com/security/advisories?name=MDVSA-2009:141

http://www.mozilla.org/security/announce/2009/mfsa2009-29.html

http://www.redhat.com/support/errata/RHSA-2009-1125.html

http://www.redhat.com/support/errata/RHSA-2009-1126.html

http://www.securityfocus.com/bid/35326

http://www.securityfocus.com/bid/35383

http://www.securitytracker.com/id?1022397

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275

http://www.ubuntu.com/usn/usn-782-1

http://www.vupen.com/english/advisories/2009/1572

https://bugzilla.mozilla.org/show_bug.cgi?id=489131

https://bugzilla.redhat.com/show_bug.cgi?id=503580

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11080

https://rhn.redhat.com/errata/RHSA-2009-1095.html

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html

Details

Source: MITRE

Published: 2009-06-12

Updated: 2018-10-30

Type: CWE-94

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH