CVE-2009-3375

Publication date 29 October 2009

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
firefox-3.0 9.10 karmic Not in release
9.04 jaunty
Fixed 3.0.15+nobinonly-0ubuntu0.9.04.1
8.10 intrepid
Fixed 3.0.15+nobinonly-0ubuntu0.8.10.1
8.04 LTS hardy
Fixed 3.0.15+nobinonly-0ubuntu0.8.04.1
6.06 LTS dapper Not in release
firefox-3.5 9.10 karmic
Fixed 3.5.4+nobinonly-0ubuntu0.9.10.1
9.04 jaunty
Fixed 3.5.4+nobinonly-0ubuntu0.9.04.1
8.10 intrepid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release
xulrunner-1.9 9.10 karmic Not in release
9.04 jaunty
Fixed 1.9.0.15+nobinonly-0ubuntu0.9.04.1
8.10 intrepid
Fixed 1.9.0.15+nobinonly-0ubuntu0.8.10.1
8.04 LTS hardy
Fixed 1.9.0.15+nobinonly-0ubuntu0.8.04.1
6.06 LTS dapper Not in release
xulrunner-1.9.1 9.10 karmic
Fixed 1.9.1.4+nobinonly-0ubuntu0.9.10.1
9.04 jaunty
Fixed 1.9.1.4+nobinonly-0ubuntu0.9.04.3
8.10 intrepid Not in release
8.04 LTS hardy Not in release
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-853-1
    • Firefox and Xulrunner vulnerabilities
    • 31 October 2009

Other references