Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary downloaded file by placing a file in a /tmp location before the download occurs, related to the Download Manager component. NOTE: some of these details are obtained from third-party information.
http://jbrownsec.blogspot.com/2009/09/vamos-updates.html
http://secunia.com/advisories/36649
http://securitytube.net/Zero-Day-Demos-(Firefox-Vulnerability-Discovered)-video.aspx
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://www.mozilla.org/security/announce/2009/mfsa2009-53.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
http://www.vupen.com/english/advisories/2009/3334
http://www.vupen.com/english/advisories/2010/0650
https://bugzilla.mozilla.org/show_bug.cgi?id=514823
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9641
Source: MITRE
Published: 2009-09-21
Updated: 2018-08-13
Type: NVD-CWE-Other
Base Score: 4.4
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 3.4
Severity: MEDIUM
ID | Name | Product | Family | Severity |
---|---|---|---|---|
89735 | VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0001) (remote check) | Nessus | VMware ESX Local Security Checks | critical |
68015 | Oracle Linux 4 : thunderbird (ELSA-2010-0154) | Nessus | Oracle Linux Local Security Checks | critical |
67949 | Oracle Linux 3 / 4 : seamonkey (ELSA-2009-1531) | Nessus | Oracle Linux Local Security Checks | critical |
67948 | Oracle Linux 4 / 5 : firefox (ELSA-2009-1530) | Nessus | Oracle Linux Local Security Checks | critical |
63923 | RHEL 5 : thunderbird (RHSA-2010:0153) | Nessus | Red Hat Local Security Checks | critical |
63402 | GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) | Nessus | Gentoo Local Security Checks | critical |
60750 | Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
60685 | Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
60683 | Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | critical |
49897 | SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6617) | Nessus | SuSE Local Security Checks | critical |
49887 | SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6609) | Nessus | SuSE Local Security Checks | critical |
48157 | Mandriva Linux Security Advisory : firefox (MDVSA-2009:294) | Nessus | Mandriva Local Security Checks | critical |
46271 | RHEL 4 : thunderbird (RHSA-2010:0154) | Nessus | Red Hat Local Security Checks | critical |
45521 | Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2010:071) | Nessus | Mandriva Local Security Checks | critical |
45361 | CentOS 5 : thunderbird (CESA-2010:0153) | Nessus | CentOS Local Security Checks | critical |
45093 | CentOS 4 : thunderbird (CESA-2010:0154) | Nessus | CentOS Local Security Checks | critical |
44787 | Debian DSA-1922-1 : xulrunner - several vulnerabilities | Nessus | Debian Local Security Checks | critical |
43826 | VMSA-2010-0001 : ESX Service Console and vMA updates for nss and nspr | Nessus | VMware ESX Local Security Checks | critical |
42992 | Mandriva Linux Security Advisory : firefox (MDVSA-2009:290-1) | Nessus | Mandriva Local Security Checks | critical |
42474 | Ubuntu 9.10 : firefox-3.5, xulrunner-1.9.1 regression (USN-853-2) | Nessus | Ubuntu Local Security Checks | critical |
42391 | openSUSE Security Update : MozillaFirefox (MozillaFirefox-1499) | Nessus | SuSE Local Security Checks | critical |
42388 | openSUSE Security Update : MozillaFirefox (MozillaFirefox-1499) | Nessus | SuSE Local Security Checks | critical |
42383 | Fedora 10 : Miro-2.0.5-5.fc10 / blam-1.8.5-15.fc10 / epiphany-2.24.3-11.fc10 / etc (2009-10981) | Nessus | Fedora Local Security Checks | critical |
42366 | SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6616) | Nessus | SuSE Local Security Checks | critical |
42365 | SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6606) | Nessus | SuSE Local Security Checks | critical |
42364 | SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 1493) | Nessus | SuSE Local Security Checks | critical |
42363 | SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1488) | Nessus | SuSE Local Security Checks | critical |
42335 | Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1 vulnerabilities (USN-853-1) | Nessus | Ubuntu Local Security Checks | critical |
42298 | FreeBSD : mozilla -- multiple vulnerabilities (c87aa2d2-c3c4-11de-ab08-000f20797ede) | Nessus | FreeBSD Local Security Checks | critical |
42297 | Fedora 11 : Miro-2.5.2-5.fc11 / blam-1.8.5-15.fc11 / chmsee-1.0.1-12.fc11 / eclipse-3.4.2-17.fc11 / etc (2009-10878) | Nessus | Fedora Local Security Checks | critical |
42296 | CentOS 3 / 4 : seamonkey (CESA-2009:1531) | Nessus | CentOS Local Security Checks | critical |
42295 | CentOS 4 : firefox (CESA-2009:1530) | Nessus | CentOS Local Security Checks | critical |
42288 | RHEL 3 / 4 : seamonkey (RHSA-2009:1531) | Nessus | Red Hat Local Security Checks | critical |
42287 | RHEL 4 / 5 : firefox (RHSA-2009:1530) | Nessus | Red Hat Local Security Checks | critical |