CVE-2009-3983 (retired)

Priority
Description
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before
2.0.1, allows remote attackers to send authenticated requests to arbitrary
applications by replaying the NTLM credentials of a browser user.
Notes
 jdstrand> CVEs in Firefox are tracked in the xulrunner source packages. The
  mapping of xulrunner sources to firefox is:
xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS
xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS
xulrunner-1.9: firefox-3.0
xulrunner-1.9.1: firefox-3.5
 jdstrand: Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not
  the system xulrunner-1.9.2, so it is tracked in the firefox source package.
Package
Upstream:needs-triage
Package
Upstream:released (2.0.1)
Package
Upstream:released (2.0.0.24)
Package
Upstream:needs-triage
Package
Upstream:released (1.9.0.16)
Package
Upstream:needs-triage
More Information

Updated: 2019-09-19 15:19:50 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)