CVE-2009-4102

Metadata

CVE-2009-4102
9.3
forums.mozillazine.org, jvn.jp, jvndb.jvn.jp, debian.org, net-security.org, securityfocus.com, vupen.com, exchange.xforce.ibmcloud.com
2009-11-29
2017-08-17 06:10

Description

Sage 1.4.3 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed.

Related Vulnerabilities

platform vulnerability
CVE-2009-4102