Mozilla Firefox Proxy Response Processing Bug Lets Remote Users Execute Arbitrary Code in the Context of an SSL-Protected Domain
|
|
SecurityTracker Alert ID: 1022383 |
|
SecurityTracker URL: http://securitytracker.com/id/1022383
|
|
CVE Reference:
CVE-2009-1836
(Links to External Site)
|
Date: Jun 12 2009
|
Impact:
Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 3.0.11
|
Description:
A vulnerability was reported in Mozilla Firefox. A remote user can cause arbitrary scripting code to be executed on the target user's system within the context of an SSL-protected domain.
A remote proxy server can return a specially crafted non HTTP 200 message in response to a CONNECT request to cause arbitrary code to be executed within the context of the SSL-protected domain of the request. The code will be incorrectly rendered within the context of the HTTP Host header in the original request.
Mozilla SeaMonkey is affected.
Microsoft security researchers Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang reported this vulnerability.
|
Impact:
A remote user can cause arbitrary scripting code to be executed on the target user's system within the context of an SSL-protected domain.
|
Solution:
The vendor has issued a fix (3.0.11).
The vendor's advisory is available at:
http://www.mozilla.org/security/announce/2009/mfsa2009-27.html
|
Vendor URL: www.mozilla.org/security/announce/2009/mfsa2009-27.html (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Thu, 11 Jun 2009 20:56:40 -0400
Subject: http://www.mozilla.org/security/announce/2009/mfsa2009-27.html
|
CVE-2009-1836
|
|
