exploits , vulnerabilities , articles , Mozilla Firefox and SeaMonkey Proxy Auto-Configuration File Remote Code Execution Vulnerability

Title	Mozilla Firefox and SeaMonkey Proxy Auto-Configuration File Remote Code Execution Vulnerability
Published	2009-10-27-12:00AM
Updated	2009-11-03-10:47AM
Class	Unknown
CVE	CVE-2009-3372
Remote	Yes
Local	No
Credit	Marco C.
Vulnerable	Slackware Linux 13.0 x86_64 Slackware Linux 13.0 Slackware Linux 12.2 Slackware Linux 12.0 Slackware Linux 11.0 Slackware Linux current RedHat Fedora 11 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux Desktop version 4 RedHat Enterprise Linux 5 server RedHat Desktop 3.0 Mozilla SeaMonkey 1.1.17 Mozilla SeaMonkey 1.1.16 Mozilla SeaMonkey 1.1.15 Mozilla SeaMonkey 1.1.15 Mozilla SeaMonkey 1.1.14 Mozilla SeaMonkey 1.1.13 Mozilla SeaMonkey 1.1.12 Mozilla SeaMonkey 1.1.11 Mozilla SeaMonkey 1.1.10 Mozilla SeaMonkey 1.1.9 Mozilla SeaMonkey 1.1.8 Mozilla SeaMonkey 1.1.7 Mozilla SeaMonkey 1.1.6 Mozilla SeaMonkey 1.1.5 Mozilla SeaMonkey 1.1.4 Mozilla SeaMonkey 1.1.3 Mozilla SeaMonkey 1.1.2 Mozilla SeaMonkey 1.1.1 Mozilla SeaMonkey 1.0.99 Mozilla SeaMonkey 1.0.9 Mozilla SeaMonkey 1.0.8 Mozilla SeaMonkey 1.0.7 Mozilla SeaMonkey 1.0.6 Mozilla SeaMonkey 1.0.5 Mozilla SeaMonkey 1.0.3 Mozilla SeaMonkey 1.0.2 Mozilla SeaMonkey 1.0.1 Mozilla SeaMonkey 1.1 beta Mozilla SeaMonkey 1.0 dev Mozilla SeaMonkey 1.0 Mozilla Firefox 3.5.3 Mozilla Firefox 3.5.2 Mozilla Firefox 3.5.1 Mozilla Firefox 3.5 Mozilla Firefox 3.0.14 Mozilla Firefox 3.0.13 Mozilla Firefox 3.0.12 Mozilla Firefox 3.0.11 Mozilla Firefox 3.0.10 Mozilla Firefox 3.0.9 Mozilla Firefox 3.0.8 Mozilla Firefox 3.0.7 Mozilla Firefox 3.0.6 Mozilla Firefox 3.0.5 Mozilla Firefox 3.0.4 Mozilla Firefox 3.0.3 Mozilla Firefox 3.0.2 Mozilla Firefox 3.0.1 Mozilla Firefox 3.0 MandrakeSoft Linux Mandrake 2009.1 x86_64 MandrakeSoft Linux Mandrake 2009.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia64 Debian Linux 5.0 ia32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0
Not Vulnerable	Mozilla SeaMonkey 2.0 Mozilla Firefox 3.5.4 Mozilla Firefox 3.0.15
Code	Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

2009-11-20 IBM Rational Products Multiple Cross Site Scripting Vulnerabilities
2009-11-20 PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
2009-11-19 MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
2009-11-19 Multiple Citrix Products Unspecified SSL/TLS Certificate Spoofing Vulnerability
2009-11-19 Drupal Node Hierarchy Module Node Title HTML Injection Vulnerability
2009-11-19 file CDF File Parsing Multiple Buffer Overflow Vulnerabilities
2009-11-19 WebKit Multiple Remote Code Execution, Denial of Service, and Information Disclosure Vulnerabilities
2009-11-19 Simplog Multiple Remote Vulnerabilities
1970-01-01 Bugzilla Bug Alias Information Disclosure Vulnerability