Описание
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser's session history.
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser's session history.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-1116
- https://bugzilla.mozilla.org/show_bug.cgi?id=371375
- http://osvdb.org/33804
- http://securityreason.com/securityalert/2309
- http://www.gnucitizen.org/projects/hscan-redux
- http://www.securityfocus.com/archive/1/461006/100/0/threaded
- http://www.securityfocus.com/archive/1/461013/100/0/threaded
Связанные уязвимости
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser's session history.
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser's session history.
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI ...