Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Firefox unpatched vulnerability

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
Home » Discuss » DU Groups » Computers & Internet » Computer Help and Support Group Donate to DU
 
Earth Bound Misfit Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Jun-01-10 01:32 AM
Original message
Firefox unpatched vulnerability
http://secunia.com/advisories/39925/

The vulnerability is caused due to the "window.onerror" handler being allowed to read the destination URL of a redirection. This can be exploited to e.g. disclose session-specific query parameters contained in a target URL by referencing a redirecting site via an HTML "<script>" tag.

The vulnerability is confirmed in version 3.6.3 and 3.5.9. Other versions may also be affected.

Solution

Do not browse untrusted sites while accessing other sites with potentially sensitive information in the URL.
Refresh | 0 Recommendations Printer Friendly | Permalink | Reply | Top

Home » Discuss » DU Groups » Computers & Internet » Computer Help and Support Group Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC