Home > Vulnerability Database > CVE-2009-0358

Mend Vulnerability Database

CVE-2009-0358

Good to know:

Date: February 4, 2009

Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser, as demonstrated by reading the response page of an https POST request.

Severity Score

4.3

Related Resources (5)

Url: http://secunia.com/advisories/33841

Url: http://secunia.com/advisories/33831

Url: http://secunia.com/advisories/33799

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:044

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-0358

Severity Score

4.3

Weakness Type (CWE)

Information Leak / Disclosure

CWE-200

Top Fix

Upgrade Version

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	ADJACENT_NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	3.3
Access Vector (AV):	ADJACENT
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend Vulnerability Database

We found results for “”

CVE-2009-0358

Good to know:

Date: February 4, 2009

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?