CVE-2009-0777

CVSS v2.0 5.8 (Medium)

EPSS 0.61 % (79^th)

Affected Products 3

Advisories 5

Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.

Weaknesses

CWE-20: Improper Input Validation

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2009-03-05 02:30:00
(15 years ago)
Updated Date: 2017-09-29 01:34:01
(7 years ago)

Affected Products

Mozilla

Configuration #1

	CPE23	Up To
Mozilla Firefox 3.0.6 and prior versions	cpe:2.3:a:mozilla:firefox	<= 3.0.6
Mozilla Firefox 1.0	cpe:2.3:a:mozilla:firefox:1.0
Mozilla Firefox 1.0.1	cpe:2.3:a:mozilla:firefox:1.0.1
Mozilla Firefox 1.0.2	cpe:2.3:a:mozilla:firefox:1.0.2
Mozilla Firefox 1.0.3	cpe:2.3:a:mozilla:firefox:1.0.3
Mozilla Firefox 1.0.4	cpe:2.3:a:mozilla:firefox:1.0.4
Mozilla Firefox 1.0.5	cpe:2.3:a:mozilla:firefox:1.0.5
Mozilla Firefox 1.0.6	cpe:2.3:a:mozilla:firefox:1.0.6
Mozilla Firefox 1.0.7	cpe:2.3:a:mozilla:firefox:1.0.7
Mozilla Firefox 1.0.8	cpe:2.3:a:mozilla:firefox:1.0.8
Mozilla Firefox 1.5	cpe:2.3:a:mozilla:firefox:1.5
Mozilla Firefox 1.5.0.1	cpe:2.3:a:mozilla:firefox:1.5.0.1
Mozilla Firefox 1.5.0.2	cpe:2.3:a:mozilla:firefox:1.5.0.2
Mozilla Firefox 1.5.0.3	cpe:2.3:a:mozilla:firefox:1.5.0.3
Mozilla Firefox 1.5.0.4	cpe:2.3:a:mozilla:firefox:1.5.0.4
Mozilla Firefox 1.5.0.5	cpe:2.3:a:mozilla:firefox:1.5.0.5
Mozilla Firefox 1.5.0.6	cpe:2.3:a:mozilla:firefox:1.5.0.6
Mozilla Firefox 1.5.0.7	cpe:2.3:a:mozilla:firefox:1.5.0.7
Mozilla Firefox 1.5.0.8	cpe:2.3:a:mozilla:firefox:1.5.0.8
Mozilla Firefox 1.5.0.9	cpe:2.3:a:mozilla:firefox:1.5.0.9
Mozilla Firefox 1.5.0.10	cpe:2.3:a:mozilla:firefox:1.5.0.10
Mozilla Firefox 1.5.0.11	cpe:2.3:a:mozilla:firefox:1.5.0.11
Mozilla Firefox 1.5.0.12	cpe:2.3:a:mozilla:firefox:1.5.0.12
Mozilla Firefox 2.0	cpe:2.3:a:mozilla:firefox:2.0
Mozilla Firefox 2.0.0.1	cpe:2.3:a:mozilla:firefox:2.0.0.1
Mozilla Firefox 2.0.0.2	cpe:2.3:a:mozilla:firefox:2.0.0.2
Mozilla Firefox 2.0.0.3	cpe:2.3:a:mozilla:firefox:2.0.0.3
Mozilla Firefox 2.0.0.4	cpe:2.3:a:mozilla:firefox:2.0.0.4
Mozilla Firefox 2.0.0.5	cpe:2.3:a:mozilla:firefox:2.0.0.5
Mozilla Firefox 2.0.0.6	cpe:2.3:a:mozilla:firefox:2.0.0.6
Mozilla Firefox 2.0.0.7	cpe:2.3:a:mozilla:firefox:2.0.0.7
Mozilla Firefox 2.0.0.8	cpe:2.3:a:mozilla:firefox:2.0.0.8
Mozilla Firefox 2.0.0.9	cpe:2.3:a:mozilla:firefox:2.0.0.9
Mozilla Firefox 2.0.0.10	cpe:2.3:a:mozilla:firefox:2.0.0.10
Mozilla Firefox 2.0.0.11	cpe:2.3:a:mozilla:firefox:2.0.0.11
Mozilla Firefox 2.0.0.12	cpe:2.3:a:mozilla:firefox:2.0.0.12
Mozilla Firefox 2.0.0.13	cpe:2.3:a:mozilla:firefox:2.0.0.13
Mozilla Firefox 2.0.0.14	cpe:2.3:a:mozilla:firefox:2.0.0.14
Mozilla Firefox 2.0.0.15	cpe:2.3:a:mozilla:firefox:2.0.0.15
Mozilla Firefox 2.0.0.16	cpe:2.3:a:mozilla:firefox:2.0.0.16
Mozilla Firefox 2.0.0.17	cpe:2.3:a:mozilla:firefox:2.0.0.17
Mozilla Firefox 2.0.0.18	cpe:2.3:a:mozilla:firefox:2.0.0.18
Mozilla Firefox 2.0.0.19	cpe:2.3:a:mozilla:firefox:2.0.0.19
Mozilla Firefox 2.0.0.20	cpe:2.3:a:mozilla:firefox:2.0.0.20
Mozilla Firefox 3.0	cpe:2.3:a:mozilla:firefox:3.0
Mozilla Firefox 3.0.1	cpe:2.3:a:mozilla:firefox:3.0.1
Mozilla Firefox 3.0.2	cpe:2.3:a:mozilla:firefox:3.0.2
Mozilla Firefox 3.0.3	cpe:2.3:a:mozilla:firefox:3.0.3
Mozilla Firefox 3.0.4	cpe:2.3:a:mozilla:firefox:3.0.4
Mozilla Firefox 3.0.5	cpe:2.3:a:mozilla:firefox:3.0.5
Mozilla Seamonkey 1.1.14 and prior versions	cpe:2.3:a:mozilla:seamonkey	<= 1.1.14
Mozilla Seamonkey 1.0	cpe:2.3:a:mozilla:seamonkey:1.0
Mozilla Seamonkey 1.0.1	cpe:2.3:a:mozilla:seamonkey:1.0.1
Mozilla Seamonkey 1.0.2	cpe:2.3:a:mozilla:seamonkey:1.0.2
Mozilla Seamonkey 1.0.3	cpe:2.3:a:mozilla:seamonkey:1.0.3
Mozilla Seamonkey 1.0.5	cpe:2.3:a:mozilla:seamonkey:1.0.5
Mozilla Seamonkey 1.0.6	cpe:2.3:a:mozilla:seamonkey:1.0.6
Mozilla Seamonkey 1.0.7	cpe:2.3:a:mozilla:seamonkey:1.0.7
Mozilla Seamonkey 1.0.8	cpe:2.3:a:mozilla:seamonkey:1.0.8
Mozilla Seamonkey 1.0.9	cpe:2.3:a:mozilla:seamonkey:1.0.9
Mozilla Seamonkey 1.1	cpe:2.3:a:mozilla:seamonkey:1.1
Mozilla Seamonkey 1.1 Alpha	cpe:2.3:a:mozilla:seamonkey:1.1:alpha
Mozilla Seamonkey 1.1 Beta	cpe:2.3:a:mozilla:seamonkey:1.1:beta
Mozilla Seamonkey 1.1.1	cpe:2.3:a:mozilla:seamonkey:1.1.1
Mozilla Seamonkey 1.1.2	cpe:2.3:a:mozilla:seamonkey:1.1.2
Mozilla Seamonkey 1.1.3	cpe:2.3:a:mozilla:seamonkey:1.1.3
Mozilla Seamonkey 1.1.4	cpe:2.3:a:mozilla:seamonkey:1.1.4
Mozilla Seamonkey 1.1.5	cpe:2.3:a:mozilla:seamonkey:1.1.5
Mozilla Seamonkey 1.1.6	cpe:2.3:a:mozilla:seamonkey:1.1.6
Mozilla Seamonkey 1.1.7	cpe:2.3:a:mozilla:seamonkey:1.1.7
Mozilla Seamonkey 1.1.8	cpe:2.3:a:mozilla:seamonkey:1.1.8
Mozilla Seamonkey 1.1.9	cpe:2.3:a:mozilla:seamonkey:1.1.9
Mozilla Seamonkey 1.1.10	cpe:2.3:a:mozilla:seamonkey:1.1.10
Mozilla Seamonkey 1.1.11	cpe:2.3:a:mozilla:seamonkey:1.1.11
Mozilla Seamonkey 1.1.12	cpe:2.3:a:mozilla:seamonkey:1.1.12
Mozilla Seamonkey 1.1.13	cpe:2.3:a:mozilla:seamonkey:1.1.13
Mozilla Thunderbird 2.0.0.20 and prior versions	cpe:2.3:a:mozilla:thunderbird	<= 2.0.0.20
Mozilla Thunderbird 2.0.0.0	cpe:2.3:a:mozilla:thunderbird:2.0.0.0
Mozilla Thunderbird 2.0.0.4	cpe:2.3:a:mozilla:thunderbird:2.0.0.4
Mozilla Thunderbird 2.0.0.5	cpe:2.3:a:mozilla:thunderbird:2.0.0.5
Mozilla Thunderbird 2.0.0.6	cpe:2.3:a:mozilla:thunderbird:2.0.0.6
Mozilla Thunderbird 2.0.0.9	cpe:2.3:a:mozilla:thunderbird:2.0.0.9
Mozilla Thunderbird 2.0.0.12	cpe:2.3:a:mozilla:thunderbird:2.0.0.12
Mozilla Thunderbird 2.0.0.14	cpe:2.3:a:mozilla:thunderbird:2.0.0.14
Mozilla Thunderbird 2.0.0.16	cpe:2.3:a:mozilla:thunderbird:2.0.0.16
Mozilla Thunderbird 2.0.0.17	cpe:2.3:a:mozilla:thunderbird:2.0.0.17
Mozilla Thunderbird 2.0.0.18	cpe:2.3:a:mozilla:thunderbird:2.0.0.18
Mozilla Thunderbird 2.0.0.19	cpe:2.3:a:mozilla:thunderbird:2.0.0.19