• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mozilla Firefox WYCIWYG:// URI Cache Zone Bypass Vulnerability

References:

• 1.5.1 Release Notes (Camino)
  
• Bug 387333 â?? [FIX]unauthorized access to wyciwyg:// documents possible (Mozilla)
  
• Firefox Homepage (Mozilla Foundation)
  
• Firefox wyciwyg:// cache vulnerability demo (Michal Zalewski)
  
• Mozilla Foundation Security Advisory 2007-24 (Mozilla)
  
• rPath Security Advisory: 2007-0148-1 (rPath)
  
• Security update for MozillaFirefox SuSE Linux Maintenance Web (07d098f99c9fe6956 (Novell)
  
• Firefox wyciwyg:// cache zone bypass (Michal Zalewski )
  
• ASA-2007-360 - Firefox security update (RHSA-2007-0724) (Avaya)
  
• HPSBUX02153 SSRT061181 rev.5 - HP-UX Running Firefox, Remote Unauthorized Access (HP)
  
• RHSA-2007:0724-4 Critical: firefox security update (Red Hat)
  
• Solution 201516 : Multiple Security Vulnerabilities in Firefox and Thunderbir (Sun)
  
• Sun Alert ID: 103177 (Sun Microsystems)