cpe:/a:didier_ernotte:inforss:0.5 cpe:/a:didier_ernotte:inforss:0.7.7 cpe:/a:didier_ernotte:inforss:0.8.4 cpe:/a:didier_ernotte:inforss:0.8.7 cpe:/a:didier_ernotte:inforss:0.8.8.1 cpe:/a:didier_ernotte:inforss:0.8.8.2 cpe:/a:didier_ernotte:inforss:0.8.9 cpe:/a:didier_ernotte:inforss:0.8.9.1 cpe:/a:didier_ernotte:inforss:0.8.9.3 cpe:/a:didier_ernotte:inforss:0.8.9.4 cpe:/a:didier_ernotte:inforss:0.8.9.5 cpe:/a:didier_ernotte:inforss:0.9.0 cpe:/a:didier_ernotte:inforss:0.10.0 cpe:/a:didier_ernotte:inforss:0.10.1 cpe:/a:didier_ernotte:inforss:1.0.0 cpe:/a:didier_ernotte:inforss:1.1.0.1 cpe:/a:didier_ernotte:inforss:1.1.1 cpe:/a:didier_ernotte:inforss:1.1.2 cpe:/a:didier_ernotte:inforss:1.1.3 cpe:/a:didier_ernotte:inforss:1.1.4 cpe:/a:didier_ernotte:inforss:1.1.4.1 cpe:/a:didier_ernotte:inforss:1.1.4.2 CVE-2009-4101 2009-11-29T08:08:29.420-05:00 2017-08-16T21:31:26.430-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-11-30T13:19:00.000-05:00 SECUNIA 37467 VUPEN ADV-2009-3323 MISC https://addons.mozilla.org/en-US/firefox/addons/versions/361#version-1.2.0 XF inforss-rss-xss(54370) infoRSS 1.1.4.2 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed.