CVE-2009-2654 (GCVE-0-2009-2654)

Vulnerability from cvelistv5 – Published: 2009-08-03 14:00 – Updated: 2024-08-07 05:59
Summary
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.
Severity
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.vupen.com/english/advisories/2009/2142 vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/36141 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/2006 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/archive/1/505265 mailing-list, x_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2009-14… vendor-advisory, x_refsource_REDHAT
http://blog.mozilla.com/security/2009/07/28/url-b… x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetk… vendor-advisory, x_refsource_SUNALERT
https://bugzilla.mozilla.org/show_bug.cgi?id=451898 x_refsource_CONFIRM
http://secunia.com/advisories/36001 third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/811-1/ vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/35803 vdb-entry, x_refsource_BID
http://secunia.com/advisories/36670 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/36669 third-party-advisory, x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/def… vdb-entry, signature, x_refsource_OVAL
https://www.redhat.com/archives/fedora-package-an… vendor-advisory, x_refsource_FEDORA
http://secunia.com/advisories/36126 third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-14… vendor-advisory, x_refsource_REDHAT
http://www.mozilla.org/security/announce/2009/mfs… x_refsource_CONFIRM
https://www.redhat.com/archives/fedora-package-an… vendor-advisory, x_refsource_FEDORA
http://www.securityfocus.com/archive/1/505242/30/… mailing-list, x_refsource_BUGTRAQ
http://osvdb.org/56717 vdb-entry, x_refsource_OSVDB
http://www.securitytracker.com/id?1022603 vdb-entry, x_refsource_SECTRACK
http://es.geocities.com/jplopezy/firefoxspoofing.html x_refsource_MISC
http://www.debian.org/security/2009/dsa-1873 vendor-advisory, x_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2009-14… vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/36435 third-party-advisory, x_refsource_SECUNIA

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:59:56.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-2142",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2142"
          },
          {
            "name": "36141",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36141"
          },
          {
            "name": "ADV-2009-2006",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2006"
          },
          {
            "name": "20090727 Re: URL spoofing bug involving Firefox\u0027s error pages and document.write",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/505265"
          },
          {
            "name": "RHSA-2009:1430",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1430.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blog.mozilla.com/security/2009/07/28/url-bar-spoofing-vulnerability/"
          },
          {
            "name": "266148",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=451898"
          },
          {
            "name": "36001",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36001"
          },
          {
            "name": "USN-811-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/811-1/"
          },
          {
            "name": "35803",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35803"
          },
          {
            "name": "36670",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36670"
          },
          {
            "name": "36669",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36669"
          },
          {
            "name": "oval:org.mitre.oval:def:9686",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9686"
          },
          {
            "name": "FEDORA-2009-8288",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00261.html"
          },
          {
            "name": "36126",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36126"
          },
          {
            "name": "RHSA-2009:1432",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1432.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-44.html"
          },
          {
            "name": "FEDORA-2009-8279",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00198.html"
          },
          {
            "name": "20090724 URL spoofing bug involving Firefox\u0027s error pages and document.write",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/505242/30/0/threaded"
          },
          {
            "name": "56717",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/56717"
          },
          {
            "name": "1022603",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022603"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://es.geocities.com/jplopezy/firefoxspoofing.html"
          },
          {
            "name": "DSA-1873",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1873"
          },
          {
            "name": "RHSA-2009:1431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1431.html"
          },
          {
            "name": "36435",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36435"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2009-2142",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2142"
        },
        {
          "name": "36141",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36141"
        },
        {
          "name": "ADV-2009-2006",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2006"
        },
        {
          "name": "20090727 Re: URL spoofing bug involving Firefox\u0027s error pages and document.write",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/505265"
        },
        {
          "name": "RHSA-2009:1430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1430.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blog.mozilla.com/security/2009/07/28/url-bar-spoofing-vulnerability/"
        },
        {
          "name": "266148",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=451898"
        },
        {
          "name": "36001",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36001"
        },
        {
          "name": "USN-811-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/811-1/"
        },
        {
          "name": "35803",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35803"
        },
        {
          "name": "36670",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36670"
        },
        {
          "name": "36669",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36669"
        },
        {
          "name": "oval:org.mitre.oval:def:9686",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9686"
        },
        {
          "name": "FEDORA-2009-8288",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00261.html"
        },
        {
          "name": "36126",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36126"
        },
        {
          "name": "RHSA-2009:1432",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1432.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-44.html"
        },
        {
          "name": "FEDORA-2009-8279",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00198.html"
        },
        {
          "name": "20090724 URL spoofing bug involving Firefox\u0027s error pages and document.write",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/505242/30/0/threaded"
        },
        {
          "name": "56717",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/56717"
        },
        {
          "name": "1022603",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022603"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://es.geocities.com/jplopezy/firefoxspoofing.html"
        },
        {
          "name": "DSA-1873",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1873"
        },
        {
          "name": "RHSA-2009:1431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1431.html"
        },
        {
          "name": "36435",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36435"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-2654",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-2142",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2142"
            },
            {
              "name": "36141",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36141"
            },
            {
              "name": "ADV-2009-2006",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2006"
            },
            {
              "name": "20090727 Re: URL spoofing bug involving Firefox\u0027s error pages and document.write",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/505265"
            },
            {
              "name": "RHSA-2009:1430",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1430.html"
            },
            {
              "name": "http://blog.mozilla.com/security/2009/07/28/url-bar-spoofing-vulnerability/",
              "refsource": "CONFIRM",
              "url": "http://blog.mozilla.com/security/2009/07/28/url-bar-spoofing-vulnerability/"
            },
            {
              "name": "266148",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=451898",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=451898"
            },
            {
              "name": "36001",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36001"
            },
            {
              "name": "USN-811-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/811-1/"
            },
            {
              "name": "35803",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35803"
            },
            {
              "name": "36670",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36670"
            },
            {
              "name": "36669",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36669"
            },
            {
              "name": "oval:org.mitre.oval:def:9686",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9686"
            },
            {
              "name": "FEDORA-2009-8288",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00261.html"
            },
            {
              "name": "36126",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36126"
            },
            {
              "name": "RHSA-2009:1432",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1432.html"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-44.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-44.html"
            },
            {
              "name": "FEDORA-2009-8279",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00198.html"
            },
            {
              "name": "20090724 URL spoofing bug involving Firefox\u0027s error pages and document.write",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/505242/30/0/threaded"
            },
            {
              "name": "56717",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/56717"
            },
            {
              "name": "1022603",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022603"
            },
            {
              "name": "http://es.geocities.com/jplopezy/firefoxspoofing.html",
              "refsource": "MISC",
              "url": "http://es.geocities.com/jplopezy/firefoxspoofing.html"
            },
            {
              "name": "DSA-1873",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1873"
            },
            {
              "name": "RHSA-2009:1431",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1431.html"
            },
            {
              "name": "36435",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36435"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-2654",
    "datePublished": "2009-08-03T14:00:00.000Z",
    "dateReserved": "2009-08-03T00:00:00.000Z",
    "dateUpdated": "2024-08-07T05:59:56.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}


Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
