CVE-2009-4129
Published: 14 December 2009
Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain.
Notes
Author | Note |
---|---|
jdstrand | CVEs in Firefox are tracked in the xulrunner source packages. The mapping of xulrunner sources to firefox is: xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS xulrunner-1.9: firefox-3.0 xulrunner-1.9.1: firefox-3.5 Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not the system xulrunner-1.9.2, so it is tracked in the firefox source package. |
Priority
Status
Package | Release | Status |
---|---|---|
xulrunner-1.9.1 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Ignored
|
|
karmic |
Ignored
|
|
upstream |
Ignored
|