Vulnerability CVE-2009-3478

Vulnerability CVE-2009-3478

Published: 2009-09-29 Modified: 2012-02-13

Description:

Type:

(Improper Control of Generation of Code ('Code Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
6/10	6.4/10	6.8/10

Affected software
Nightlight -> Fireftp

http://www.securityfocus.com/bid/36536

http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/sftp.js.diff?r1=1.8;r2=1.9;f=h

http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.75;r2=1.76;f=h

http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.74;r2=1.75;f=h

http://vuln.sg/fireftp105-en.html

http://secunia.com/advisories/36860