CVE-2009-4127

Published Dec 2, 2009

Last updated 15 years ago

CVSS info 9.3

Overview

Description: Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox allows user-assisted remote attackers to execute arbitrary JavaScript with Chrome privileges via vectors involving unspecified Toolbar buttons and the eval function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "14E6A30E-7577-4569-9309-53A0AF7FE3AC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAFDA9BA-88F5-4EE1-8CD9-44E6577D3C47",
            "versionEndIncluding": "0.5.9.1"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E58547CA-DF08-4F4A-97E5-DEE7F44A3856"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CE6EE2B-013D-4DA3-B9DC-7DCF9A9D194C"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2433D72E-C5D1-4D7F-8202-ACF83B707E96"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B395FDE2-5998-4D0B-90F9-A558AA2556DC"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9464376B-6AD4-43D2-B2CD-716F645FDAA0"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06676111-C161-4A43-8F18-444C550AFD2A"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79FECBBF-44B0-459E-B1A8-1A0E742C299B"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0231836-F6A0-49F9-AE0C-5F4036B2DF94"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A2959D5-9182-48DE-83E7-120DAC388382"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B763E13D-FD92-4025-921C-63047F76CADD"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF2CCC8A-2DCE-4707-84CD-302963015D25"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCCBD3F7-379E-4EBF-A838-219DD28EFE05"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "114E5DEB-1978-46E8-9932-E9CFF0E18AC8"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53614EEA-4C06-47E0-97A7-BA371381D1AB"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2030838A-6F2F-4998-ADD6-0983896DCE5A"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75F48B37-48F6-4275-BE7D-B32D51583229"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E81B091F-00B9-4385-8986-3A06E3135410"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B60954CB-FEA1-4219-B9DE-4E5259E96F21"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BEE9642-B660-4B29-8089-B7419A38A645"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DE1D65F-B8F6-42BF-8C76-BCC790FFD3C7"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A345BC5E-45E0-42BC-9B73-2988B6F990C2"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CAC78EAF-CBA9-432B-9863-019231E32532"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D541F9B2-EB09-43D6-BF66-FF77D1F617CE"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5909B350-4A02-4747-9D6A-621201852283"
          },
          {
            "criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB1CB769-650E-42B2-9FF9-84FB32C1A87F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References