CVE-2009-3017 - Vulnerability Details

Vendors	Products
Orcabrowser	Orca Browser

Link	Providers
http://websecurity.com.ua/3386/
http://www.securityfocus.com/archive/1/506163/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/53002

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-08-04T00:00:00", "descriptions": [{"lang": "en", "value": "Orca Browser 1.2 build 5 does not properly block data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI, (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header, (3) injecting a Location header that contains JavaScript sequences in a data:text/html URI, or (4) entering a data:text/html URI with JavaScript sequences when specifying the content of a Location header; and does not properly handle javascript: URIs in HTML links within 302 error documents sent from web servers, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (5) injecting a Location HTTP response header or (6) specifying the content of a Location HTTP response header."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "orca-browser-data-xss(53002)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53002"}, {"tags": ["x_refsource_MISC"], "url": "http://websecurity.com.ua/3386/"}, {"name": "20090828 Cross-Site Scripting vulnerability in Mozilla, Firefox, SeaMonkey, Orca Browser and Maxthon", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/506163/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-3017", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Orca Browser 1.2 build 5 does not properly block data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI, (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header, (3) injecting a Location header that contains JavaScript sequences in a data:text/html URI, or (4) entering a data:text/html URI with JavaScript sequences when specifying the content of a Location header; and does not properly handle javascript: URIs in HTML links within 302 error documents sent from web servers, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (5) injecting a Location HTTP response header or (6) specifying the content of a Location HTTP response header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "orca-browser-data-xss(53002)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53002"}, {"name": "http://websecurity.com.ua/3386/", "refsource": "MISC", "url": "http://websecurity.com.ua/3386/"}, {"name": "20090828 Cross-Site Scripting vulnerability in Mozilla, Firefox, SeaMonkey, Orca Browser and Maxthon", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/506163/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T06:14:55.495Z"}, "title": "CVE Program Container", "references": [{"name": "orca-browser-data-xss(53002)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53002"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://websecurity.com.ua/3386/"}, {"name": "20090828 Cross-Site Scripting vulnerability in Mozilla, Firefox, SeaMonkey, Orca Browser and Maxthon", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/506163/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-3017", "datePublished": "2009-08-31T16:00:00", "dateReserved": "2009-08-31T00:00:00", "dateUpdated": "2024-08-07T06:14:55.495Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:orcabrowser:orca_browser:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B546ACE7-C740-4E0E-8B58-DB30D05FD375", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Orca Browser 1.2 build 5 does not properly block data: URIs in Refresh and Location headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI, (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header, (3) injecting a Location header that contains JavaScript sequences in a data:text/html URI, or (4) entering a data:text/html URI with JavaScript sequences when specifying the content of a Location header; and does not properly handle javascript: URIs in HTML links within 302 error documents sent from web servers, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (5) injecting a Location HTTP response header or (6) specifying the content of a Location HTTP response header."}, {"lang": "es", "value": "Orca Browser v1.2 build 5 no bloquea URIs data: en cabeceras Refresh y Location en respuestas HTTP, lo que permite a atacantes remotos realizar un ataque de ejecuci\u00f3n de secuencias de comandos en sitios cruzados a trav\u00e9s de vectores relativos a (1) inyectando una cabecera Refresh que contiene secuencias Javascript en URIs data:text/html, (2) introduciendo una _URI data:text/html con secuencias javascript cuando se especifica el contenidos de una cabecera Refresh, (3) inyectando una cabecera Location que contiene secuencias Javascript en una URI data:text/html o (4) introduciendo una URI data:text/html con secuencias Javascript cuando se especifica el contenido de la cabecera Location; y no maneja de forma adecuada las URIs Javascript: en los enlaces Javascript incluidos en los documentos de error 302 enviados por los servidores web, lo que provoca que atacantes remotos asistidos por usuarios realizar un ataque de ejecuci\u00f3n de secuencias de comandos en sitios cruzados a trav\u00e9s de vectores relativos a (5) inyecci\u00f3n de una cabecera Location de respuesta HTTP o (6) especificando el contenido de una cabecera Location de respuesta HTTP.\r\n"}], "id": "CVE-2009-3017", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-08-31T16:30:07.047", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://websecurity.com.ua/3386/"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/506163/100/0/threaded"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53002"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://websecurity.com.ua/3386/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/506163/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53002"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object