CVE-2009-1834

N/A Unknown

Published: June 12, 2009 Modified: April 23, 2026

Description

Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/55162

Source: secalert@redhat.com

http://secunia.com/advisories/35331

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/35415

Source: secalert@redhat.com

http://secunia.com/advisories/35431

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/35439

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/35468

Source: secalert@redhat.com

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468

Source: secalert@redhat.com

http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1

Source: secalert@redhat.com

http://www.debian.org/security/2009/dsa-1820

Source: secalert@redhat.com

http://www.mozilla.org/security/announce/2009/mfsa2009-25.html

Source: secalert@redhat.com

Vendor Advisory

http://www.securityfocus.com/bid/35326

Source: secalert@redhat.com

http://www.securityfocus.com/bid/35388

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2009/1572

Source: secalert@redhat.com

Patch Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=479413

Source: secalert@redhat.com

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=503573

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10436

Source: secalert@redhat.com

https://rhn.redhat.com/errata/RHSA-2009-1095.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html

Source: secalert@redhat.com

http://osvdb.org/55162

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35331

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/35415

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35431

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/35439

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/35468

Source: af854a3a-2127-422b-91ae-364da2661108

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2009/dsa-1820

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mozilla.org/security/announce/2009/mfsa2009-25.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/35326

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/35388

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/1572

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=479413

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=503573

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10436

Source: af854a3a-2127-422b-91ae-364da2661108

https://rhn.redhat.com/errata/RHSA-2009-1095.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html

Source: af854a3a-2127-422b-91ae-364da2661108

38 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

11.4%

94th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

mozilla

Related CVEs

CVE-2026-6786 8.1

CVE-2026-6785 8.1

CVE-2026-7041 3.7

CVE-2026-7039 7.8

CVE-2026-7038 3.3