CVE-2009-4100

Published Nov 29, 2009

Last updated 7 years ago

Overview

Description: Yoono extension before 6.1.1 for Firefox performs certain operations with chrome privileges, which allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as onload.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-20

Evaluator

Comment: -
Impact: Per info from the following advisory: http://www.net-security.org/secworld.php?id=8527 Raised the score to CIA:complete NVD received information from Yoono development team on December 4, 2009 that the affected versions are in fact 6.1.0 and previous. NVD adjusted affected versions accordingly because of this new information.
Solution: Per info from the following advisory: http://www.net-security.org/secworld.php?id=8527 Raised the score to CIA:complete NVD received information from Yoono development team on December 4, 2009 that the affected versions are in fact 6.1.0 and previous. NVD adjusted affected versions accordingly because of this new information.

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:yoono:yoono:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8672C9E4-520C-40F2-9BA1-17292AA2D2FC",
            "versionEndIncluding": "6.1.0"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:2.0.2.474:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13A7E116-AF8A-44FE-BB59-D7F5C960D380"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:2.0.3.564:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E291D7B2-78FE-4AC4-AEB3-25D6DF64FD57"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:2.0.4.641:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E52E7CE-17E6-4236-BF11-71DDE7929DB7"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:2.1.0.743:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02D5A3E7-56BE-4E73-8C52-43337C0D935D"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:2.2.1.1038:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9194EA29-A019-448F-BFD7-4D15861CFF2F"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.0.0.1268:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93998252-0AA7-47B7-B72C-6962FD7E7168"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.0.0.1270:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB5BDDF4-F63B-4F4D-9655-66362520F2E5"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.0.1.1388:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "102261B7-7AC2-497D-A393-4A029C972213"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.0.2.1976:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BFB3765-38C6-4474-924E-613324530C44"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.0.3.2369:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBB9BCAE-02DA-4E2C-930F-270F3F48E792"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.0.4.2469:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6028C4A-C0AF-4497-8C96-C7EE975C9D8D"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.0.5.2626:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FCEE47D-CD03-4E80-9C81-8C28062B4787"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.0.6.2723:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "273F0B0E-D171-405B-B421-B185A97C6A46"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.1.0.2898:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D557BFE2-BFDE-479B-89AB-21EE49DD8EF1"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:3.1.1.2999:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "155BC363-9577-424E-BDA5-A8F0A267A1E0"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:4.0.0.4529:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92AFCCC9-A7F2-4E45-975B-A253B4C78413"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:4.0.1.4774:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EE75F46-55B5-4DCC-98B1-B3BFC2F7B462"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:4.0.2.5149:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3276A3D-C603-4187-9981-68AF84836DA7"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:4.0.3.5488:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "152D0A1C-CCF0-4238-B505-57CD8C0E2815"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.0.1.11511_11520:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9225E5EA-B2D5-4E9B-BA5E-36419D43ACC5"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC0F04B1-CEAD-4C86-AFAE-366379AB72BE"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "823A7319-A550-476B-9E52-6D27C3162953"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC77C93B-F28E-49C5-A4B5-46D4C98C57BC"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59BE93A6-E997-4304-9BB2-1B41E1C52875"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CAD2A4DA-D209-4F64-A233-9C49433235C6"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.0.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "505F95F9-B873-4218-BEBB-394351EE4ECF"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2A0736D-283C-4ECB-9A8E-82CEC7A008CD"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B652DE4B-4A39-487C-B7C9-3EFAE812C462"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6EF27FB-4DD9-4CDD-9CF9-A075C9B3D856"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:5.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBBAC4E7-7349-4AE6-9142-02C91A62E4E5"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:6.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "790D2BD3-8360-4B79-A4A0-2830B979BA68"
          },
          {
            "criteria": "cpe:2.3:a:yoono:yoono:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7037DC76-925C-43EF-9F88-3E2A6349C3EC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "14E6A30E-7577-4569-9309-53A0AF7FE3AC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Evaluator

Configurations

References