1
PublicDateAtUSN: 2009-12-15
2
Candidate: CVE-2009-3986
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3986
6
https://usn.ubuntu.com/usn/usn-874-1
7
https://usn.ubuntu.com/usn/usn-873-1
9
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before
10
2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome
11
privileges by leveraging a reference to a chrome window from a content
12
window, related to the window.opener property.
21
upstream_firefox: needs-triage
22
dapper_firefox: ignored (reached end-of-life)
23
hardy_firefox: ignored (uses system xulrunner)
27
lucid_firefox: not-affected
28
devel_firefox: not-affected
31
Patches_xulrunner-1.9:
32
upstream_xulrunner-1.9: released (1.9.0.16)
33
dapper_xulrunner-1.9: DNE
34
hardy_xulrunner-1.9: released (1.9.0.16+nobinonly-0ubuntu0.8.04.1)
35
intrepid_xulrunner-1.9: released (1.9.0.16+nobinonly-0ubuntu0.8.10.1)
36
jaunty_xulrunner-1.9: released (1.9.0.16+nobinonly-0ubuntu0.9.04.1)
37
karmic_xulrunner-1.9: DNE
38
lucid_xulrunner-1.9: DNE
39
devel_xulrunner-1.9: DNE
41
Patches_xulrunner-1.9.1:
42
upstream_xulrunner-1.9.1: needs-triage
43
dapper_xulrunner-1.9.1: DNE
44
hardy_xulrunner-1.9.1: DNE
45
intrepid_xulrunner-1.9.1: DNE
46
jaunty_xulrunner-1.9.1: released (1.9.1.6+nobinonly-0ubuntu0.9.04.1)
47
karmic_xulrunner-1.9.1: released (1.9.1.6+nobinonly-0ubuntu0.9.10.1)
48
lucid_xulrunner-1.9.1: DNE
49
devel_xulrunner-1.9.1: DNE
53
upstream_seamonkey: released (2.0.1)
55
hardy_seamonkey: released (2.0.8+build1+nobinonly-0ubuntu0.8.04.1)
56
intrepid_seamonkey: needed (reached end-of-life)
57
jaunty_seamonkey: released (2.0.8+build1+nobinonly-0ubuntu0.9.04.1)
58
karmic_seamonkey: released (2.0.8+build1+nobinonly-0ubuntu0.9.10.1)
59
lucid_seamonkey: released (2.0.8+build1+nobinonly-0ubuntu0.10.04.1)
60
devel_seamonkey: not-affected (2.0.4+nobinonly-0ubuntu1)