What is the severity of CVE-2009-3985?

CVE-2009-3985 is classified as a moderate severity vulnerability.

How do I fix CVE-2009-3985?

To mitigate CVE-2009-3985, upgrade to Mozilla Firefox version 3.0.16 or later, or SeaMonkey version 2.0.1 or later.

Which versions of Firefox are affected by CVE-2009-3985?

CVE-2009-3985 affects Firefox versions prior to 3.0.16 and 3.5.x before 3.5.6.

Which versions of SeaMonkey are impacted by CVE-2009-3985?

SeaMonkey versions prior to 2.0.1 are affected by CVE-2009-3985.

What type of vulnerability is CVE-2009-3985?

CVE-2009-3985 is a vulnerability that allows remote attackers to spoof content associated with an invalid URL.

Vulnerability/
CVE-2009-3985

medium

6.8

CWE

NVD-CWE-Other

11/12/2009

17/12/2009

7/8/2024

CVE-2009-3985

First published: Fri Dec 11 2009(Updated: )

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mozilla Firefox	<=3.0.15
Mozilla Firefox	=0.1
Mozilla Firefox	=0.2
Mozilla Firefox	=0.3
Mozilla Firefox	=0.4
Mozilla Firefox	=0.5
Mozilla Firefox	=0.6
Mozilla Firefox	=0.6.1
Mozilla Firefox	=0.7
Mozilla Firefox	=0.7.1
Mozilla Firefox	=0.8
Mozilla Firefox	=0.9
Mozilla Firefox	=0.9-rc
Mozilla Firefox	=0.9.1
Mozilla Firefox	=0.9.2
Mozilla Firefox	=0.9.3
Mozilla Firefox	=0.10
Mozilla Firefox	=0.10.1
Mozilla Firefox	=1.0
Mozilla Firefox	=1.0-preview_release
Mozilla Firefox	=1.0.1
Mozilla Firefox	=1.0.2
Mozilla Firefox	=1.0.3
Mozilla Firefox	=1.0.4
Mozilla Firefox	=1.0.5
Mozilla Firefox	=1.0.6
Mozilla Firefox	=1.0.7
Mozilla Firefox	=1.0.8
Mozilla Firefox	=1.4.1
Mozilla Firefox	=1.5
Mozilla Firefox	=1.5-beta1
Mozilla Firefox	=1.5-beta2
Mozilla Firefox	=1.5.0.1
Mozilla Firefox	=1.5.0.2
Mozilla Firefox	=1.5.0.3
Mozilla Firefox	=1.5.0.4
Mozilla Firefox	=1.5.0.5
Mozilla Firefox	=1.5.0.6
Mozilla Firefox	=1.5.0.7
Mozilla Firefox	=1.5.0.8
Mozilla Firefox	=1.5.0.9
Mozilla Firefox	=1.5.0.10
Mozilla Firefox	=1.5.0.11
Mozilla Firefox	=1.5.0.12
Mozilla Firefox	=1.5.1
Mozilla Firefox	=1.5.2
Mozilla Firefox	=1.5.3
Mozilla Firefox	=1.5.4
Mozilla Firefox	=1.5.5
Mozilla Firefox	=1.5.6
Mozilla Firefox	=1.5.7
Mozilla Firefox	=1.5.8
Mozilla Firefox	=1.8
Mozilla Firefox	=2.0
Mozilla Firefox	=2.0-beta_1
Mozilla Firefox	=2.0-beta1
Mozilla Firefox	=2.0-rc2
Mozilla Firefox	=2.0-rc3
Mozilla Firefox	=2.0.0.1
Mozilla Firefox	=2.0.0.2
Mozilla Firefox	=2.0.0.3
Mozilla Firefox	=2.0.0.4
Mozilla Firefox	=2.0.0.5
Mozilla Firefox	=2.0.0.6
Mozilla Firefox	=2.0.0.7
Mozilla Firefox	=2.0.0.8
Mozilla Firefox	=2.0.0.9
Mozilla Firefox	=2.0.0.10
Mozilla Firefox	=2.0.0.11
Mozilla Firefox	=2.0.0.12
Mozilla Firefox	=2.0.0.13
Mozilla Firefox	=2.0.0.14
Mozilla Firefox	=2.0.0.15
Mozilla Firefox	=2.0.0.16
Mozilla Firefox	=2.0.0.17
Mozilla Firefox	=2.0.0.18
Mozilla Firefox	=2.0.0.19
Mozilla Firefox	=2.0.0.20
Mozilla Firefox	=2.0.0.21
Mozilla Firefox	=2.0_.1
Mozilla Firefox	=2.0_.4
Mozilla Firefox	=2.0_.5
Mozilla Firefox	=2.0_.6
Mozilla Firefox	=2.0_.7
Mozilla Firefox	=2.0_.9
Mozilla Firefox	=2.0_.10
Mozilla Firefox	=2.0_8
Mozilla Firefox	=3.0
Mozilla Firefox	=3.0-alpha
Mozilla Firefox	=3.0-beta2
Mozilla Firefox	=3.0-beta5
Mozilla Firefox	=3.0.1
Mozilla Firefox	=3.0.2
Mozilla Firefox	=3.0.3
Mozilla Firefox	=3.0.4
Mozilla Firefox	=3.0.5
Mozilla Firefox	=3.0.6
Mozilla Firefox	=3.0.7
Mozilla Firefox	=3.0.8
Mozilla Firefox	=3.0.9
Mozilla Firefox	=3.0.10
Mozilla Firefox	=3.0.11
Mozilla Firefox	=3.0.12
Mozilla Firefox	=3.0.13
Mozilla Firefox	=3.0.14
Mozilla Firefox	=3.5.1
Mozilla Firefox	=3.5.2
Mozilla Firefox	=3.5.3
Mozilla Firefox	=3.5.4
Mozilla Firefox	=3.5.5
Mozilla SeaMonkey	<=2.0
Mozilla SeaMonkey	=1.0
Mozilla SeaMonkey	=1.0-alpha
Mozilla SeaMonkey	=1.0-beta
Mozilla SeaMonkey	=1.0.1
Mozilla SeaMonkey	=1.0.2
Mozilla SeaMonkey	=1.0.3
Mozilla SeaMonkey	=1.0.4
Mozilla SeaMonkey	=1.0.5
Mozilla SeaMonkey	=1.0.6
Mozilla SeaMonkey	=1.0.7
Mozilla SeaMonkey	=1.0.8
Mozilla SeaMonkey	=1.0.9
Mozilla SeaMonkey	=1.0.99
Mozilla SeaMonkey	=1.1
Mozilla SeaMonkey	=1.1-alpha
Mozilla SeaMonkey	=1.1-beta
Mozilla SeaMonkey	=1.1.1
Mozilla SeaMonkey	=1.1.2
Mozilla SeaMonkey	=1.1.3
Mozilla SeaMonkey	=1.1.4
Mozilla SeaMonkey	=1.1.5
Mozilla SeaMonkey	=1.1.6
Mozilla SeaMonkey	=1.1.7
Mozilla SeaMonkey	=1.1.8
Mozilla SeaMonkey	=1.1.9
Mozilla SeaMonkey	=1.1.10
Mozilla SeaMonkey	=1.1.11
Mozilla SeaMonkey	=1.1.12
Mozilla SeaMonkey	=1.1.13
Mozilla SeaMonkey	=1.1.14
Mozilla SeaMonkey	=1.1.15
Mozilla SeaMonkey	=1.1.16
Mozilla SeaMonkey	=1.1.17
Mozilla SeaMonkey	=1.5.0.8
Mozilla SeaMonkey	=1.5.0.9
Mozilla SeaMonkey	=1.5.0.10
Mozilla SeaMonkey	=2.0
Mozilla SeaMonkey	=2.0-alpha_1
Mozilla SeaMonkey	=2.0-alpha_2
Mozilla SeaMonkey	=2.0-alpha_3
Mozilla SeaMonkey	=2.0-beta_1
Mozilla SeaMonkey	=2.0-beta_2
Mozilla SeaMonkey	=2.0-rc1
Mozilla SeaMonkey	=2.0a1
Mozilla SeaMonkey	=2.0a1pre

Remedy

http://securitytracker.com/id?1023342

Remedy

http://www.vupen.com/english/advisories/2009/3547

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-3985?
CVE-2009-3985 is classified as a moderate severity vulnerability.
How do I fix CVE-2009-3985?
To mitigate CVE-2009-3985, upgrade to Mozilla Firefox version 3.0.16 or later, or SeaMonkey version 2.0.1 or later.
Which versions of Firefox are affected by CVE-2009-3985?
CVE-2009-3985 affects Firefox versions prior to 3.0.16 and 3.5.x before 3.5.6.
Which versions of SeaMonkey are impacted by CVE-2009-3985?
SeaMonkey versions prior to 2.0.1 are affected by CVE-2009-3985.
What type of vulnerability is CVE-2009-3985?
CVE-2009-3985 is a vulnerability that allows remote attackers to spoof content associated with an invalid URL.

agent/type
agent/remedy
agent/softwarecombine
agent/first-publish-date
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/references
agent/author
agent/weakness
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2009-3985
agent/trending
agent/tags
agent/source
vendor/mozilla
canonical/mozilla seamonkey
version/mozilla seamonkey/1.1.10
canonical/mozilla firefox
version/mozilla firefox/0.1
version/mozilla seamonkey/1.0.3
version/mozilla firefox/0.8
version/mozilla firefox/2.0.0.12
version/mozilla firefox/1.5-beta2
version/mozilla firefox/2.0_.7
version/mozilla firefox/3.5.3
version/mozilla seamonkey/1.1.8
version/mozilla firefox/3.0.7
version/mozilla firefox/1.5.2
version/mozilla seamonkey/1.0.1
version/mozilla seamonkey/1.1.7
version/mozilla seamonkey/1.5.0.10
version/mozilla firefox/3.0.9
version/mozilla seamonkey/1.0.6
version/mozilla firefox/1.5.0.6
version/mozilla firefox/1.8
version/mozilla seamonkey/1.0.9
version/mozilla seamonkey/1.1.3
version/mozilla firefox/2.0.0.2
version/mozilla firefox/1.5.0.10
version/mozilla firefox/1.5.0.3
version/mozilla seamonkey/2.0a1pre
version/mozilla seamonkey/1.0
version/mozilla firefox/3.0.8
version/mozilla seamonkey/1.1.17
version/mozilla firefox/1.5.0.11
version/mozilla firefox/1.4.1
version/mozilla seamonkey/1.0.99
version/mozilla firefox/1.5.4
version/mozilla seamonkey/2.0-alpha_2
version/mozilla seamonkey/1.1.5
version/mozilla seamonkey/1.0.7
version/mozilla firefox/1.0.2
version/mozilla seamonkey/1.0-beta
version/mozilla firefox/3.5.5
version/mozilla firefox/3.0.4
version/mozilla firefox/1.5-beta1
version/mozilla seamonkey/1.1-alpha
version/mozilla firefox/2.0_8
version/mozilla seamonkey/2.0-alpha_3
version/mozilla firefox/3.5.4
version/mozilla firefox/2.0_.9
version/mozilla firefox/3.0.5
version/mozilla seamonkey/1.0-alpha
version/mozilla firefox/3.0.15
version/mozilla seamonkey/2.0a1
version/mozilla firefox/1.5
version/mozilla firefox/0.9.1
version/mozilla firefox/1.0.4
version/mozilla firefox/2.0.0.7
version/mozilla firefox/1.0.7
version/mozilla seamonkey/1.1.12
version/mozilla firefox/3.5.1
version/mozilla seamonkey/1.1
version/mozilla firefox/2.0.0.9
version/mozilla firefox/0.10.1
version/mozilla firefox/2.0_.1
version/mozilla firefox/3.0.14
version/mozilla firefox/3.5.2
version/mozilla firefox/0.9
version/mozilla firefox/2.0.0.16
version/mozilla seamonkey/1.1.14
version/mozilla firefox/3.0-beta2
version/mozilla firefox/1.5.6
version/mozilla firefox/2.0.0.17
version/mozilla firefox/0.7
version/mozilla seamonkey/1.1.2
version/mozilla firefox/2.0.0.15
version/mozilla seamonkey/2.0-beta_2
version/mozilla firefox/3.0.10
version/mozilla firefox/0.2
version/mozilla seamonkey/1.0.2
version/mozilla seamonkey/1.0.8
version/mozilla firefox/0.3
version/mozilla seamonkey/1.1.11
version/mozilla seamonkey/2.0-alpha_1
version/mozilla firefox/2.0_.10
version/mozilla firefox/3.0.12
version/mozilla firefox/1.0
version/mozilla seamonkey/1.5.0.9
version/mozilla firefox/3.0.3
version/mozilla seamonkey/1.1-beta
version/mozilla seamonkey/1.1.1
version/mozilla firefox/1.5.0.7
version/mozilla firefox/2.0
version/mozilla firefox/1.0.1
version/mozilla seamonkey/1.5.0.8
version/mozilla firefox/2.0-beta1
version/mozilla firefox/2.0.0.14
version/mozilla firefox/0.6
version/mozilla seamonkey/1.0.5
version/mozilla firefox/0.7.1
version/mozilla seamonkey/1.1.15
version/mozilla firefox/3.0.6
version/mozilla firefox/1.5.0.8
version/mozilla firefox/2.0_.5
version/mozilla firefox/2.0.0.3
version/mozilla firefox/1.5.0.9
version/mozilla firefox/1.5.0.5
version/mozilla firefox/1.5.7
version/mozilla firefox/1.5.0.12
version/mozilla firefox/2.0.0.6
version/mozilla seamonkey/1.1.6
version/mozilla firefox/3.0
version/mozilla firefox/2.0.0.11
version/mozilla firefox/1.5.0.2
version/mozilla seamonkey/1.1.16
version/mozilla firefox/1.0.3
version/mozilla firefox/3.0.1
version/mozilla firefox/2.0.0.4
version/mozilla firefox/0.5
version/mozilla firefox/0.6.1
version/mozilla firefox/1.5.1
version/mozilla seamonkey/2.0-beta_1
version/mozilla firefox/2.0.0.21
version/mozilla firefox/0.9.3
version/mozilla firefox/2.0.0.13
version/mozilla firefox/2.0.0.18
version/mozilla firefox/2.0-rc2
version/mozilla firefox/2.0.0.1
version/mozilla firefox/3.0.2
version/mozilla firefox/2.0_.6
version/mozilla firefox/2.0_.4
version/mozilla seamonkey/2.0-rc1
version/mozilla seamonkey/1.0.4
version/mozilla firefox/1.5.5
version/mozilla firefox/0.9.2
version/mozilla firefox/1.0-preview_release
version/mozilla seamonkey/2.0
version/mozilla firefox/2.0-beta_1
version/mozilla seamonkey/1.1.9
version/mozilla seamonkey/1.1.13
version/mozilla firefox/2.0.0.20
version/mozilla firefox/2.0.0.8
version/mozilla firefox/3.0-beta5
version/mozilla firefox/0.9-rc
version/mozilla firefox/2.0.0.19
version/mozilla firefox/1.5.8
version/mozilla firefox/1.5.3
version/mozilla firefox/0.4
version/mozilla firefox/1.5.0.4
version/mozilla firefox/1.5.0.1
version/mozilla firefox/3.0.13
version/mozilla firefox/0.10
version/mozilla firefox/1.0.5
version/mozilla firefox/2.0.0.5
version/mozilla firefox/2.0.0.10
version/mozilla firefox/2.0-rc3
version/mozilla firefox/3.0-alpha
version/mozilla firefox/1.0.6
version/mozilla seamonkey/1.1.4
version/mozilla firefox/1.0.8
version/mozilla firefox/3.0.11

CVE-2009-3985

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-3985?

How do I fix CVE-2009-3985?

Which versions of Firefox are affected by CVE-2009-3985?

Which versions of SeaMonkey are impacted by CVE-2009-3985?

What type of vulnerability is CVE-2009-3985?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-3985?

How do I fix CVE-2009-3985?

Which versions of Firefox are affected by CVE-2009-3985?

Which versions of SeaMonkey are impacted by CVE-2009-3985?

What type of vulnerability is CVE-2009-3985?