CVE-2009-3983 Information
Description
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
Reference
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/37699 http://secunia.com/advisories/37703 http://secunia.com/advisories/37704 http://secunia.com/advisories/37785 http://secunia.com/advisories/37813 http://secunia.com/advisories/37856 http://secunia.com/advisories/37881 http://secunia.com/advisories/38977 http://secunia.com/advisories/39001 http://securitytracker.com/id?1023340 http://securitytracker.com/id?1023341 http://www.debian.org/security/2009/dsa-1956 http://www.mozilla.org/security/announce/2009/mfsa2009-68.html http://www.novell.com/linux/security/advisories/2009_63_firefox.html http://www.securityfocus.com/bid/37349 http://www.securityfocus.com/bid/37366 http://www.ubuntu.com/usn/USN-873-1 http://www.ubuntu.com/usn/USN-874-1 http://www.ubuntu.com/usn/USN-915-1 http://www.vupen.com/english/advisories/2009/3547 http://www.vupen.com/english/advisories/2010/0648 https://bugzilla.mozilla.org/show_bug.cgi?id=487872 https://bugzilla.redhat.com/show_bug.cgi?id=546720 https://exchange.xforce.ibmcloud.com/vulnerabilities/54807 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10047 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A8240 https://rhn.redhat.com/errata/RHSA-2009-1673.html https://rhn.redhat.com/errata/RHSA-2009-1674.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html
Share on: