CVE-2009-1312

Firefox < 3.0.9 - Cross-Site Scripting via Refresh Header

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1312. PoCs published by Olli Pettay.

AI-analyzed exploit summary
This is a writeup describing a vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey where a malicious Refresh header can execute arbitrary JavaScript in the context of the victim's browser, leading to potential information disclosure or XSS attacks.

Description

Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header. NOTE: it was later reported that Firefox 3.6a1pre and Mozilla 1.7.x and earlier are also affected.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Olli Pettay · text · remote · linux
https://www.exploit-db.com/exploits/32942


Classification
Writeup 80%
Attack Type
XSS
Complexity
Trivial
Reliability
Reliable
Target: Mozilla Firefox, Thunderbird, SeaMonkey (versions affected by CVE-2009-1312)
No auth needed
Prerequisites: A vulnerable browser · A malicious or compromised web server to serve the exploit
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026

References (26)

Core References (26)
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2009:111
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6131
Various Sources x_refsource_misc
http://websecurity.com.ua/3386/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1022096
Various Sources x_refsource_misc
http://websecurity.com.ua/3275/
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34894
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1125
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9818
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34758
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6064
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34844
Patch, Vendor Advisory x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=475636
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35065
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504723/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6731
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/764-1/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34656
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/504718/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34843
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2009-0437.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2009-0436.html
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1

Scores

EPSS 0.0566
EPSS Percentile 90.5%

Details

CWE
CWE-16 (Configuration)
Status published
Products (45)
mozilla/firefox 0.1
mozilla/firefox 0.2
mozilla/firefox 0.3
mozilla/firefox 0.4
mozilla/firefox 0.5
mozilla/firefox 0.6
mozilla/firefox 0.6.1
mozilla/firefox 0.7
mozilla/firefox 0.7.1
mozilla/firefox 0.8
... and 35 more
Published Apr 22, 2009
Tracked Since Feb 18, 2026