What is the severity of CVE-2009-0777?

CVE-2009-0777 is rated as a moderate severity vulnerability due to its potential to enable phishing attacks through URL spoofing.

How do I fix CVE-2009-0777?

To fix CVE-2009-0777, update your Mozilla Firefox, Thunderbird, or SeaMonkey to the latest version available, specifically version 3.0.7 or later for Firefox, version 2.0.0.21 or later for Thunderbird, and version 1.1.15 or later for SeaMonkey.

What systems are affected by CVE-2009-0777?

CVE-2009-0777 affects outdated versions of Mozilla Firefox prior to 3.0.7, Thunderbird prior to 2.0.0.21, and SeaMonkey prior to 1.1.15.

How does CVE-2009-0777 work?

CVE-2009-0777 works by allowing invisible characters to be decoded in the location bar, which can lead to misrepresentation of URLs and increase the likelihood of successful phishing attempts.

Is CVE-2009-0777 being actively exploited?

While CVE-2009-0777 has the potential for exploitation, there are no confirmed reports of active exploitation in the wild as of now.

Vulnerability/
CVE-2009-0777

medium

5.8

CWE

5/3/2009

29/9/2017

CVE-2009-0777: Input Validation

First published: Thu Mar 05 2009(Updated: )

Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers to spoof URLs and conduct phishing attacks.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Mozilla Firefox	<=3.0.6
Mozilla Firefox	=1.0
Mozilla Firefox	=1.0.1
Mozilla Firefox	=1.0.2
Mozilla Firefox	=1.0.3
Mozilla Firefox	=1.0.4
Mozilla Firefox	=1.0.5
Mozilla Firefox	=1.0.6
Mozilla Firefox	=1.0.7
Mozilla Firefox	=1.0.8
Mozilla Firefox	=1.5
Mozilla Firefox	=1.5.0.1
Mozilla Firefox	=1.5.0.2
Mozilla Firefox	=1.5.0.3
Mozilla Firefox	=1.5.0.4
Mozilla Firefox	=1.5.0.5
Mozilla Firefox	=1.5.0.6
Mozilla Firefox	=1.5.0.7
Mozilla Firefox	=1.5.0.8
Mozilla Firefox	=1.5.0.9
Mozilla Firefox	=1.5.0.10
Mozilla Firefox	=1.5.0.11
Mozilla Firefox	=1.5.0.12
Mozilla Firefox	=2.0
Mozilla Firefox	=2.0.0.1
Mozilla Firefox	=2.0.0.2
Mozilla Firefox	=2.0.0.3
Mozilla Firefox	=2.0.0.4
Mozilla Firefox	=2.0.0.5
Mozilla Firefox	=2.0.0.6
Mozilla Firefox	=2.0.0.7
Mozilla Firefox	=2.0.0.8
Mozilla Firefox	=2.0.0.9
Mozilla Firefox	=2.0.0.10
Mozilla Firefox	=2.0.0.11
Mozilla Firefox	=2.0.0.12
Mozilla Firefox	=2.0.0.13
Mozilla Firefox	=2.0.0.14
Mozilla Firefox	=2.0.0.15
Mozilla Firefox	=2.0.0.16
Mozilla Firefox	=2.0.0.17
Mozilla Firefox	=2.0.0.18
Mozilla Firefox	=2.0.0.19
Mozilla Firefox	=2.0.0.20
Mozilla Firefox	=3.0
Mozilla Firefox	=3.0.1
Mozilla Firefox	=3.0.2
Mozilla Firefox	=3.0.3
Mozilla Firefox	=3.0.4
Mozilla Firefox	=3.0.5
Mozilla SeaMonkey	<=1.1.14
Mozilla SeaMonkey	=1.0
Mozilla SeaMonkey	=1.0.1
Mozilla SeaMonkey	=1.0.2
Mozilla SeaMonkey	=1.0.3
Mozilla SeaMonkey	=1.0.5
Mozilla SeaMonkey	=1.0.6
Mozilla SeaMonkey	=1.0.7
Mozilla SeaMonkey	=1.0.8
Mozilla SeaMonkey	=1.0.9
Mozilla SeaMonkey	=1.1
Mozilla SeaMonkey	=1.1-alpha
Mozilla SeaMonkey	=1.1-beta
Mozilla SeaMonkey	=1.1.1
Mozilla SeaMonkey	=1.1.2
Mozilla SeaMonkey	=1.1.3
Mozilla SeaMonkey	=1.1.4
Mozilla SeaMonkey	=1.1.5
Mozilla SeaMonkey	=1.1.6
Mozilla SeaMonkey	=1.1.7
Mozilla SeaMonkey	=1.1.8
Mozilla SeaMonkey	=1.1.9
Mozilla SeaMonkey	=1.1.10
Mozilla SeaMonkey	=1.1.11
Mozilla SeaMonkey	=1.1.12
Mozilla SeaMonkey	=1.1.13
Mozilla Thunderbird	<=2.0.0.20
Mozilla Thunderbird	=2.0.0.0
Mozilla Thunderbird	=2.0.0.4
Mozilla Thunderbird	=2.0.0.5
Mozilla Thunderbird	=2.0.0.6
Mozilla Thunderbird	=2.0.0.9
Mozilla Thunderbird	=2.0.0.12
Mozilla Thunderbird	=2.0.0.14
Mozilla Thunderbird	=2.0.0.16
Mozilla Thunderbird	=2.0.0.17
Mozilla Thunderbird	=2.0.0.18
Mozilla Thunderbird	=2.0.0.19

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-0777?
CVE-2009-0777 is rated as a moderate severity vulnerability due to its potential to enable phishing attacks through URL spoofing.
How do I fix CVE-2009-0777?
To fix CVE-2009-0777, update your Mozilla Firefox, Thunderbird, or SeaMonkey to the latest version available, specifically version 3.0.7 or later for Firefox, version 2.0.0.21 or later for Thunderbird, and version 1.1.15 or later for SeaMonkey.
What systems are affected by CVE-2009-0777?
CVE-2009-0777 affects outdated versions of Mozilla Firefox prior to 3.0.7, Thunderbird prior to 2.0.0.21, and SeaMonkey prior to 1.1.15.
How does CVE-2009-0777 work?
CVE-2009-0777 works by allowing invisible characters to be decoded in the location bar, which can lead to misrepresentation of URLs and increase the likelihood of successful phishing attempts.
Is CVE-2009-0777 being actively exploited?
While CVE-2009-0777 has the potential for exploitation, there are no confirmed reports of active exploitation in the wild as of now.

agent/references
agent/severity
agent/author
agent/type
agent/event
agent/weakness
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/mozilla
canonical/mozilla seamonkey
version/mozilla seamonkey/1.1.10
version/mozilla seamonkey/1.0.3
canonical/mozilla firefox
version/mozilla firefox/2.0.0.12
canonical/mozilla thunderbird
version/mozilla thunderbird/2.0.0.4
version/mozilla seamonkey/1.1.8
version/mozilla seamonkey/1.0.1
version/mozilla seamonkey/1.1.7
version/mozilla thunderbird/2.0.0.6
version/mozilla seamonkey/1.0.6
version/mozilla firefox/1.5.0.6
version/mozilla seamonkey/1.0.9
version/mozilla seamonkey/1.1.14
version/mozilla seamonkey/1.1.3
version/mozilla firefox/2.0.0.2
version/mozilla firefox/1.5.0.10
version/mozilla firefox/1.5.0.3
version/mozilla seamonkey/1.0
version/mozilla firefox/1.5.0.11
version/mozilla thunderbird/2.0.0.18
version/mozilla thunderbird/2.0.0.9
version/mozilla seamonkey/1.1.5
version/mozilla seamonkey/1.0.7
version/mozilla firefox/1.0.2
version/mozilla firefox/3.0.4
version/mozilla seamonkey/1.1-alpha
version/mozilla thunderbird/2.0.0.16
version/mozilla firefox/3.0.5
version/mozilla firefox/1.5
version/mozilla firefox/1.0.4
version/mozilla firefox/2.0.0.7
version/mozilla firefox/1.0.7
version/mozilla seamonkey/1.1.12
version/mozilla seamonkey/1.1
version/mozilla firefox/2.0.0.9
version/mozilla firefox/2.0.0.16
version/mozilla thunderbird/2.0.0.20
version/mozilla firefox/2.0.0.17
version/mozilla seamonkey/1.1.2
version/mozilla firefox/2.0.0.15
version/mozilla seamonkey/1.0.2
version/mozilla seamonkey/1.0.8
version/mozilla thunderbird/2.0.0.0
version/mozilla seamonkey/1.1.11
version/mozilla firefox/1.0
version/mozilla firefox/3.0.3
version/mozilla seamonkey/1.1-beta
version/mozilla seamonkey/1.1.1
version/mozilla firefox/1.5.0.7
version/mozilla thunderbird/2.0.0.12
version/mozilla firefox/2.0
version/mozilla firefox/1.0.1
version/mozilla firefox/2.0.0.14
version/mozilla seamonkey/1.0.5
version/mozilla thunderbird/2.0.0.14
version/mozilla firefox/1.5.0.8
version/mozilla firefox/2.0.0.3
version/mozilla firefox/1.5.0.9
version/mozilla thunderbird/2.0.0.17
version/mozilla firefox/1.5.0.5
version/mozilla firefox/1.5.0.12
version/mozilla firefox/2.0.0.6
version/mozilla seamonkey/1.1.6
version/mozilla firefox/3.0
version/mozilla firefox/2.0.0.11
version/mozilla firefox/1.5.0.2
version/mozilla firefox/1.0.3
version/mozilla firefox/3.0.1
version/mozilla firefox/2.0.0.4
version/mozilla firefox/2.0.0.13
version/mozilla firefox/2.0.0.18
version/mozilla firefox/3.0.6
version/mozilla firefox/2.0.0.1
version/mozilla firefox/3.0.2
version/mozilla thunderbird/2.0.0.5
version/mozilla seamonkey/1.1.9
version/mozilla seamonkey/1.1.13
version/mozilla firefox/2.0.0.20
version/mozilla firefox/2.0.0.8
version/mozilla firefox/2.0.0.19
version/mozilla firefox/1.5.0.4
version/mozilla firefox/1.5.0.1
version/mozilla firefox/1.0.5
version/mozilla firefox/2.0.0.5
version/mozilla firefox/2.0.0.10
version/mozilla thunderbird/2.0.0.19
version/mozilla firefox/1.0.6
version/mozilla seamonkey/1.1.4
version/mozilla firefox/1.0.8

CVE-2009-0777: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-0777?

How do I fix CVE-2009-0777?

What systems are affected by CVE-2009-0777?

How does CVE-2009-0777 work?

Is CVE-2009-0777 being actively exploited?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-0777?

How do I fix CVE-2009-0777?

What systems are affected by CVE-2009-0777?

How does CVE-2009-0777 work?

Is CVE-2009-0777 being actively exploited?