CVE-2009-4127
Published Dec 2, 2009
Last updated 15 years ago
Overview
- Description
- Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox allows user-assisted remote attackers to execute arbitrary JavaScript with Chrome privileges via vectors involving unspecified Toolbar buttons and the eval function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "14E6A30E-7577-4569-9309-53A0AF7FE3AC"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAFDA9BA-88F5-4EE1-8CD9-44E6577D3C47",
"versionEndIncluding": "0.5.9.1"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E58547CA-DF08-4F4A-97E5-DEE7F44A3856"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CE6EE2B-013D-4DA3-B9DC-7DCF9A9D194C"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2433D72E-C5D1-4D7F-8202-ACF83B707E96"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B395FDE2-5998-4D0B-90F9-A558AA2556DC"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9464376B-6AD4-43D2-B2CD-716F645FDAA0"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06676111-C161-4A43-8F18-444C550AFD2A"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79FECBBF-44B0-459E-B1A8-1A0E742C299B"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.4.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0231836-F6A0-49F9-AE0C-5F4036B2DF94"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A2959D5-9182-48DE-83E7-120DAC388382"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B763E13D-FD92-4025-921C-63047F76CADD"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF2CCC8A-2DCE-4707-84CD-302963015D25"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DCCBD3F7-379E-4EBF-A838-219DD28EFE05"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "114E5DEB-1978-46E8-9932-E9CFF0E18AC8"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53614EEA-4C06-47E0-97A7-BA371381D1AB"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2030838A-6F2F-4998-ADD6-0983896DCE5A"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75F48B37-48F6-4275-BE7D-B32D51583229"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E81B091F-00B9-4385-8986-3A06E3135410"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B60954CB-FEA1-4219-B9DE-4E5259E96F21"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BEE9642-B660-4B29-8089-B7419A38A645"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7DE1D65F-B8F6-42BF-8C76-BCC790FFD3C7"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A345BC5E-45E0-42BC-9B73-2988B6F990C2"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CAC78EAF-CBA9-432B-9863-019231E32532"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D541F9B2-EB09-43D6-BF66-FF77D1F617CE"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5909B350-4A02-4747-9D6A-621201852283"
},
{
"criteria": "cpe:2.3:a:wikipedia:wikipedia_toolbar:0.5.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB1CB769-650E-42B2-9FF9-84FB32C1A87F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]