CVE

Id
41535  
CVE No.
CVE-2009-4100  
Status
Candidate  
Description
Yoono extension before 6.1.1 for Firefox performs certain operations with chrome privileges, which allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as onload.  
Phase
Assigned (20091128)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
456289 41535 CVE-2009-4100 MISC:http://www.net-security.org/secworld.php?id=8527  View
456290 41535 CVE-2009-4100 CONFIRM:https://addons.mozilla.org/en-US/firefox/addons/versions/1833#version-6.1.1  View
456291 41535 CVE-2009-4100 BID:37123  View
456292 41535 CVE-2009-4100 URL:http://www.securityfocus.com/bid/37123  View
456293 41535 CVE-2009-4100 SECUNIA:37468  View
456294 41535 CVE-2009-4100 URL:http://secunia.com/advisories/37468  View
456295 41535 CVE-2009-4100 VUPEN:ADV-2009-3326  View
456296 41535 CVE-2009-4100 URL:http://www.vupen.com/english/advisories/2009/3326  View
456297 41535 CVE-2009-4100 XF:yoonoo-domevent-xss(54417)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
44142 JVNDB-2009-005149 Joomla! 用の lyftenbloggie コンポーネントにおける SQL インジェクションの脆弱性 Joomla! 用の Lyften Designs LyftenBloggie (com_lyftenbloggie) コンポーネントには、SQL インジェクションの脆弱性が存在します。 CVE-2009-4104 41535 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005149.html  View