Mozilla Firefox Location.Hostname Dom Property Cookie Theft Vulnerability

Mozilla Firefox Location.Hostname Dom Property Cookie Theft Vulnerability

References:

1.5.1 Release Notes (Camino)
Bug 370445 â?? Zalewski cookie stealing / same-domain bypass vulnerability (Michal Zalewski)
RHSA-2007:0077-3 - Critical: seamonkey security update (RedHat)
Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vuln (Michal Zalewski )
ASA-2007-114 Firefox security update (RHSA-2007-0079) (Avaya)
HPSBUX02153 SSRT061181 rev.5 - HP-UX Running Firefox, Remote Unauthorized Access (HP)
Mozilla Foundation Security Advisory 2007-07 (Mozilla)
RHSA-2007:0077-6 - seamonkey security update (Red Hat)
RHSA-2007:0078-2 - Thunderbird security update (Red Hat)
RHSA-2007:0079-2 - Firefox security update (Red Hat)
RHSA-2007:0097-5 firefox security update (Red Hat)
RHSA-2007:0108-4 thunderbird security update (Red Hat)
Vulnerability Note VU#885753 Mozilla browsers 'location.hostname' cross-domain v (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus