(Mozilla Issues Fix for Seamonkey) Mozilla Firefox Stylesheet Processing Bug May Let Remote Users Obtain URL Parameters
|
|
SecurityTracker Alert ID: 1019345 |
|
SecurityTracker URL: http://securitytracker.com/id/1019345
|
|
CVE Reference:
CVE-2008-0593
(Links to External Site)
|
Date: Feb 8 2008
|
Impact:
Disclosure of user information
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 1.1.8
|
Description:
A vulnerability was reported in Mozilla Firefox in the processing of stylesheets. A remote user may be able to obtain potentially sensitive URL parameters. Mozilla Seamonkey is affected.
A remote web site may be able to obtain potentially sensitive URL parameters due to the way in which the browser handles stylesheets and HTTP 302 redirects.
Martin Straka reported this vulnerability.
|
Impact:
A remote user may be able to obtain potentially sensitive URL parameters.
|
Solution:
The vendor has issued a fixed version (1.1.8).
The Mozilla advisory is available at:
http://www.mozilla.org/security/announce/2008/mfsa2008-10.html
|
Vendor URL: www.mozilla.org/security/announce/2008/mfsa2008-10.html (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Fri, 8 Feb 2008 00:42:32 -0500
Subject: http://www.mozilla.org/security/announce/2008/mfsa2008-10.html
|
CVE-2008-0593
|
|
