CVE-2009-0357
CVE Information
CVE ID
CVE-2009-0357
Severity
MEDIUM
CVSS 5.0
Publish Date
2009-02-04
Description
Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly protection mechanism.
Collection Date
2026-01-13
Impact Summary
Affected Hosts
1
Related Incidents
0
Related Alerts
0
Affected Hosts (1)
| Hostname | OS Type | Severity | Total CVEs |
|---|---|---|---|
| inbridge-ubt-24 | LINUX | CRITICAL | 2364 |