Mozilla Firefox Popup Blocker Cross Zone Security Bypass Weakness

Mozilla Firefox Popup Blocker Cross Zone Security Bypass Weakness

References:

1.5.1 Release Notes (Camino)
Firefox + popup blocker + XMLHttpRequest + srand() = oops (Michal Zalewski )
Re: Firefox + popup blocker + XMLHttpRequest + srand() = oops (Michal Zalewski )
ASA-2007-114 Firefox security update (RHSA-2007-0079) (Avaya)
HPSBUX02153 SSRT061181 rev.5 - HP-UX Running Firefox, Remote Unauthorized Access (HP)
Mozilla Foundation Security Advisory 2007-05 (Mozilla)
RHSA-2007:0077-6 - seamonkey security update (Red Hat)
RHSA-2007:0078-2 - Thunderbird security update (Red Hat)
RHSA-2007:0097-5 firefox security update (Red Hat)
RHSA-2007:0108-4 thunderbird security update (Red Hat)

Privacy Statement
Copyright 2010, SecurityFocus