CVE-2009-3079

NameCVE-2009-3079
DescriptionUnspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1886-1
NVD severityhigh (attack range: remote)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iceweaselsource(unstable)3.0.14-1high
iceweaselsourceetch(unfixed)end-of-life
iceweaselsourcelenny3.0.6-3highDSA-1886-1

Notes

[etch] - iceweasel <end-of-life> (Mozilla packages from oldstable no longer covered by security support)

Search for package or bug name: Reporting problems