CVE-2009-1834
published 2009-06-12CVE-2009-1834: Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to…
PriorityP423medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
3.23%
86.7th percentile
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.
Affected
112 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | <= 3.0.10 | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_ubuntu9.3CRITICAL
vendor_redhat4.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Firefox and Xulrunner vulnerabilities
vendor_ubuntu·2009-06-12·CVSS 9.3
CVE-2009-1841 [CRITICAL] Firefox and Xulrunner vulnerabilities
Title: Firefox and Xulrunner vulnerabilities
Summary: Firefox and Xulrunner vulnerabilities
Several flaws were discovered in the browser and JavaScript engines of
Firefox. If a user were tricked into viewing a malicious website, a remote
attacker could cause a denial of service or possibly execute arbitrary code
with the privileges of the user invoking the program. (CVE-2009-1392,
CVE-2009-1832, CVE-2009-1833, CVE-2009-1837, CVE-2009-1838)
Pavel Cvrcek discovered that Firefox would sometimes display certain
invalid Unicode characters as whitespace. An attacker could exploit this to
spoof the location bar, such as in a phishing attack. (CVE-2009-1834)
Gregory Fleischer, Adam Barth and Collin Jackson discovered that Firefox
would allow access to local files from resources loaded via the
Red Hat
Firefox URL spoofing with invalid unicode characters
vendor_redhat·2009-06-11·CVSS 4.3
CVE-2009-1834 [MEDIUM] Firefox URL spoofing with invalid unicode characters
Firefox URL spoofing with invalid unicode characters
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.
GHSA
GHSA-m6fm-xwqg-f4r6: Visual truncation vulnerability in netwerk/dns/src/nsIDNService
ghsa_unreviewed·2022-05-02
CVE-2009-1834 [MEDIUM] CWE-20 GHSA-m6fm-xwqg-f4r6: Visual truncation vulnerability in netwerk/dns/src/nsIDNService
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.
No detection rules found.
Exploit-DB
Mozilla Firefox 3.0.10 / SeaMonkey 1.1.16 - Address Bar URI Spoofing
exploitdb·2009-05-11
CVE-2009-1834 Mozilla Firefox 3.0.10 / SeaMonkey 1.1.16 - Address Bar URI Spoofing
Mozilla Firefox 3.0.10 / SeaMonkey 1.1.16 - Address Bar URI Spoofing
---
source: https://www.securityfocus.com/bid/35388/info
Mozilla Firefox and SeaMonkey are affected by a URI-spoofing vulnerability because they fail to adequately handle user-supplied data.
An attacker may leverage this issue by inserting arbitrary content to spoof a URI presented to an unsuspecting user. This may lead to a false sense of trust because the victim may be presented with a URI of a seemingly trusted site while interacting with the attacker's malicious site.
Versions *prior to* the following are affected:
Firefox 3.0.11
SeaMonkey 1.1.17
NOTE: This issue was previously covered in BID 35326 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities), but has been ass
Exploit-DB
WordPress MU < 2.7 - 'HOST' HTTP Header Cross-Site Scripting
exploitdb·2009-03-10
CVE-2009-1030 WordPress MU < 2.7 - 'HOST' HTTP Header Cross-Site Scripting
WordPress MU
1833
1834
1835
1836
1837 ID );
1839 if( count( $all_blogs ) > 1 ) {
1840 $primary_blog = get_usermeta($current_user->ID,
'primary_blog');
1841 ?>
1842
1843
1844 userblog_id
?>'userblog_id ) echo '
selected="selected"' ?>>http://domain.$blog->path
?>
1845
1846
1847
1852
1853
1854
1855 "
http://www.example.com/wp-admin/profile.php> tmp.html
$ firefox tmp.html
The javascript code will be executed in the context of the victim
browser, this can be exploited to steal cookies and escalate
privileges to administrator.
Tested with Wordpress MU 2.6.5, Apache 2.2 and Mozilla Firefox 3.0.6
V. BUSINESS IMPACT
The impact is the attacker can gain administrator privileges on the
application.
VI. SYSTEMS AFFECTED
Versions prior to 2.7 are affected
VII. SOLUTION
Upgrade to version 2.7 of w
http://osvdb.org/55162http://secunia.com/advisories/35331http://secunia.com/advisories/35415http://secunia.com/advisories/35431http://secunia.com/advisories/35439http://secunia.com/advisories/35468http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1http://www.debian.org/security/2009/dsa-1820http://www.mozilla.org/security/announce/2009/mfsa2009-25.htmlhttp://www.securityfocus.com/bid/35326http://www.securityfocus.com/bid/35388http://www.vupen.com/english/advisories/2009/1572https://bugzilla.mozilla.org/show_bug.cgi?id=479413https://bugzilla.redhat.com/show_bug.cgi?id=503573https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10436https://rhn.redhat.com/errata/RHSA-2009-1095.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.htmlhttp://osvdb.org/55162http://secunia.com/advisories/35331http://secunia.com/advisories/35415http://secunia.com/advisories/35431http://secunia.com/advisories/35439http://secunia.com/advisories/35468http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1http://www.debian.org/security/2009/dsa-1820http://www.mozilla.org/security/announce/2009/mfsa2009-25.htmlhttp://www.securityfocus.com/bid/35326http://www.securityfocus.com/bid/35388http://www.vupen.com/english/advisories/2009/1572https://bugzilla.mozilla.org/show_bug.cgi?id=479413https://bugzilla.redhat.com/show_bug.cgi?id=503573https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10436https://rhn.redhat.com/errata/RHSA-2009-1095.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html
2009-06-12
Published