CVE-2009-3374

high

Description

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9789

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6565

https://bugzilla.mozilla.org/show_bug.cgi?id=505988

http://www.vupen.com/english/advisories/2009/3334

http://www.mozilla.org/security/announce/2009/mfsa2009-57.html

http://www.mandriva.com/security/advisories?name=MDVSA-2009:294

http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1

Details

Source: Mitre, NVD

Published: 2009-10-29

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High