Unrated severityNVD Advisory· Published Aug 28, 2009· Updated Jun 16, 2026
CVE-2009-3008
CVE-2009-3008
Description
K-Meleon 1.5.3 allows context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:christophe_thibault:k-meleon:1.5.3:*:*:*:*:*:*:*
- Range: =1.5.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.