CVE-2009-3478

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-3478
Argument injection vulnerability in (1) src/content/js/connection/sftp.js and (2) src/content/js/connection/controlSocket.js.in in FireFTP Extension 1.0.5 for Firefox allows remote authenticated SFTP users to cause victims to alter permissions, delete, download, or move the wrong file via a filename containing " (double quotes), which is not properly filtered or encoded when FireFTP constructs the command to send to psftp.exe.

6.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability : 6.8 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/36860 Vendor Advisory
http://vuln.sg/fireftp105-en.html Exploit
http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.74%3Br2=1.75%3Bf=h
http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.75%3Br2=1.76%3Bf=h
http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/sftp.js.diff?r1=1.8%3Br2=1.9%3Bf=h
http://www.securityfocus.com/bid/36536 Patch
http://secunia.com/advisories/36860 Vendor Advisory
http://vuln.sg/fireftp105-en.html Exploit
http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.74%3Br2=1.75%3Bf=h
http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.75%3Br2=1.76%3Bf=h
http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/sftp.js.diff?r1=1.8%3Br2=1.9%3Bf=h
http://www.securityfocus.com/bid/36536 Patch
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:nightlight:fireftp:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
History

21 Nov 2024, 01:07

Type Values Removed Values Added
References () http://secunia.com/advisories/36860 - Vendor Advisory () http://secunia.com/advisories/36860 - Vendor Advisory
References () http://vuln.sg/fireftp105-en.html - Exploit () http://vuln.sg/fireftp105-en.html - Exploit
References () http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.74%3Br2=1.75%3Bf=h - () http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.74%3Br2=1.75%3Bf=h -
References () http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.75%3Br2=1.76%3Bf=h - () http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.75%3Br2=1.76%3Bf=h -
References () http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/sftp.js.diff?r1=1.8%3Br2=1.9%3Bf=h - () http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/sftp.js.diff?r1=1.8%3Br2=1.9%3Bf=h -
References () http://www.securityfocus.com/bid/36536 - Patch () http://www.securityfocus.com/bid/36536 - Patch
Information

Published : 2009-09-29 23:30

Updated : 2024-11-21 01:07

NVD link : CVE-2009-3478

Mitre link : CVE-2009-3478

CVE.ORG link : CVE-2009-3478

JSON object : View

Products Affected

nightlight

  • fireftp

mozilla

  • firefox
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')