Browser Security News

The Site for Web Browser Security Information

Welcome to Browser Security News

Because Web Browser Security Matters!

 

Your news resource for Internet Explorer, Firefox, Opera and Safari security news vulnerabilities, virus and other important information.

Categories

Archives

Feeds

CVE-2007-6589 (Firefox, SeaMonkey)

December 31st, 2007 by News

The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI, a different vulnerability than CVE-2007-5947.

Read More…
Source: National Vulnerability Database

Posted in Firefox, National Vulnerability Db |December 31st, 2007 by News|

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.