CVE-2009-3007

EPSS 0.25% · P48 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-3007

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Mozilla多个浏览器任意文件查看漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Mozilla多个浏览器存在任意文件查看漏洞。Mozilla Firefox 和SeaMonkey 以及Flock 允许见机行事的攻击者借助带有一个相对URI的window.open，欺骗地址栏在用户访问的网站上显示任意的文件:URL。如果用户被骗而访问了任意的文件:URL，就会触发该漏洞。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-3007

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-3007

请登录查看更多情报信息。

http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.htmlx_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/53010vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2009-3007

Same Patch Batch · n/a · 2009-08-28 · 25 CVEs total

CVE-2008-7119		Webidsupport WeBid 'item.php'多个输入验证漏洞
CVE-2009-3008		christophe_thibault k-meleon 漏洞
CVE-2009-3006		Maxthon浏览器安全漏洞漏洞
CVE-2009-3005		lunascape 漏洞
CVE-2009-3004		avant_force avant_browser 漏洞
CVE-2009-3003		microsoft internet_explorer 漏洞
CVE-2009-3002		Linux Kernel .getname函数多个信息泄露漏洞
CVE-2009-3001		Linux Kernel 'net/llc/af_llc.c' 本地信息泄露漏洞
CVE-2009-3000		Sun Solaris 'sockfs' Kernel Module 远程拒绝服务漏洞
CVE-2009-2695		Linux Kernel mmap_min_addr低内存区空指针引用漏洞
CVE-2008-7121		mrcgiguy hot_links_sql-php 跨站脚本攻击漏洞
CVE-2008-7120		Mrcgiguy Hot Links SQL-PHP 'news.php' SQL注入漏洞
CVE-2008-7107		ESET Smart Security 'easdrv.sys' 本地特权提升漏洞
CVE-2008-7118		Webidsupport WeBid多个输入验证漏洞
CVE-2008-7117		Webidsupport WeBid 'eledicss.php'多个输入验证漏洞
CVE-2008-7116		Webidsupport WeBid多个输入验证漏洞
CVE-2008-7115		Belkin F5D7632-4V6 Wireless G Router 多个身份认证绕过漏洞
CVE-2008-7114		Ifusionservices iFdate 'members_search.php' SQL注入漏洞
CVE-2008-7113		Kyocera Mita 扫描文件应用程序暴力破解漏洞
CVE-2008-7112		Kyocera Mita扫描文件应用程序拒绝服务漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-3007

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-3007

I. Basic Information for CVE-2009-3007

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-3007

III. Intelligence Information for CVE-2009-3007

Same Patch Batch · n/a · 2009-08-28 · 25 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-3007

Leave a comment