CVE-2009-4630

Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of domain names contained in links within local HTML documents, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests. NOTE: the vendor disputes the significance of this issue, stating "I don't think we necessarily need to worry about that case."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:10

Type Values Removed Values Added
References () https://bugzilla.mozilla.org/show_bug.cgi?id=453403 - () https://bugzilla.mozilla.org/show_bug.cgi?id=453403 -
References () https://bugzilla.mozilla.org/show_bug.cgi?id=492196 - () https://bugzilla.mozilla.org/show_bug.cgi?id=492196 -

Information

Published : 2010-01-29 18:30

Updated : 2024-11-21 01:10


NVD link : CVE-2009-4630

Mitre link : CVE-2009-4630

CVE.ORG link : CVE-2009-4630


JSON object : View

Products Affected

mozilla

  • firefox
  • seamonkey
  • thunderbird
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor