CVE-2009-3983

N/A Unknown

Published: December 17, 2009 Modified: April 23, 2026

Description

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

Source: cve@mitre.org

http://secunia.com/advisories/37699

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/37703

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/37704

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/37785

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/37813

Source: cve@mitre.org

http://secunia.com/advisories/37856

Source: cve@mitre.org

http://secunia.com/advisories/37881

Source: cve@mitre.org

http://secunia.com/advisories/38977

Source: cve@mitre.org

http://secunia.com/advisories/39001

Source: cve@mitre.org

http://securitytracker.com/id?1023340

Source: cve@mitre.org

http://securitytracker.com/id?1023341

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1956

Source: cve@mitre.org

http://www.mozilla.org/security/announce/2009/mfsa2009-68.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.novell.com/linux/security/advisories/2009_63_firefox.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/37349

Source: cve@mitre.org

http://www.securityfocus.com/bid/37366

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-873-1

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-874-1

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-915-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/3547

Source: cve@mitre.org

Patch Vendor Advisory

http://www.vupen.com/english/advisories/2010/0648

Source: cve@mitre.org

https://bugzilla.mozilla.org/show_bug.cgi?id=487872

Source: cve@mitre.org

https://bugzilla.redhat.com/show_bug.cgi?id=546720

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/54807

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10047

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8240

Source: cve@mitre.org

https://rhn.redhat.com/errata/RHSA-2009-1673.html

Source: cve@mitre.org

https://rhn.redhat.com/errata/RHSA-2009-1674.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html