1
PublicDateAtUSN: 2010-02-17
2
Candidate: CVE-2009-3988
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3988
6
http://www.mozilla.org/security/announce/2010/mfsa2010-04.html
7
https://usn.ubuntu.com/usn/usn-896-1
8
https://usn.ubuntu.com/usn/usn-895-1
10
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey
11
before 2.0.3, does not properly restrict read access to object properties
12
in showModalDialog, which allows remote attackers to bypass the Same Origin
13
Policy and conduct cross-site scripting (XSS) attacks via crafted
14
dialogArguments values.
19
Discovered-by: Hidetake Jo
23
upstream_firefox: released (3.6)
24
dapper_firefox: ignored (reached end-of-life)
25
hardy_firefox: not-affected
29
lucid_firefox: not-affected
30
devel_firefox: not-affected
33
Patches_xulrunner-1.9:
34
upstream_xulrunner-1.9: released (1.9.0.18)
35
dapper_xulrunner-1.9: DNE
36
hardy_xulrunner-1.9: released (1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1)
37
intrepid_xulrunner-1.9: released (1.9.0.18+build1+nobinonly-0ubuntu0.8.10.1)
38
jaunty_xulrunner-1.9: released (1.9.0.18+build1+nobinonly-0ubuntu0.9.04.1)
39
karmic_xulrunner-1.9: DNE
40
lucid_xulrunner-1.9: DNE
41
devel_xulrunner-1.9: DNE
43
Patches_xulrunner-1.9.1:
44
upstream_xulrunner-1.9.1: released (1.9.1.8)
45
dapper_xulrunner-1.9.1: DNE
46
hardy_xulrunner-1.9.1: DNE
47
intrepid_xulrunner-1.9.1: DNE
48
jaunty_xulrunner-1.9.1: released (1.9.1.8+build1+nobinonly-0ubuntu0.9.04.1)
49
karmic_xulrunner-1.9.1: released (1.9.1.8+build1+nobinonly-0ubuntu0.9.10.1)
50
lucid_xulrunner-1.9.1: DNE
51
devel_xulrunner-1.9.1: DNE
55
upstream_seamonkey: released (2.0.3)
57
hardy_seamonkey: released (2.0.8+build1+nobinonly-0ubuntu0.8.04.1)
58
intrepid_seamonkey: needed (reached end-of-life)
59
jaunty_seamonkey: released (2.0.8+build1+nobinonly-0ubuntu0.9.04.1)
60
karmic_seamonkey: released (2.0.8+build1+nobinonly-0ubuntu0.9.10.1)
61
lucid_seamonkey: released (2.0.8+build1+nobinonly-0ubuntu0.10.04.1)
62
devel_seamonkey: not-affected (2.0.4+nobinonly-0ubuntu1)
66
Priority_thunderbird: negligible
67
upstream_thunderbird: released (3.0.2)
68
dapper_thunderbird: DNE
69
hardy_thunderbird: not-affected
70
intrepid_thunderbird: not-affected
71
jaunty_thunderbird: not-affected
72
karmic_thunderbird: not-affected
73
lucid_thunderbird: not-affected (3.0.3+nobinonly-0ubuntu1)
74
devel_thunderbird: not-affected (3.0.3+nobinonly-0ubuntu1)
76
Patches_mozilla-thunderbird:
77
Priority_mozilla-thunderbird: negligible
78
upstream_mozilla-thunderbird: needs-triage
79
dapper_mozilla-thunderbird: ignored (reached end-of-life)
80
hardy_mozilla-thunderbird: DNE
81
intrepid_mozilla-thunderbird: DNE
82
jaunty_mozilla-thunderbird: DNE
83
karmic_mozilla-thunderbird: DNE
84
lucid_mozilla-thunderbird: DNE
85
devel_mozilla-thunderbird: DNE