• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability

References:

• 1.5.1 Release Notes (Camino)
  
• Bug 388121 (CVE-2007-3844) â?? [FIX]about:blank loaded by chrome in particular way (Mozilla Foundation)
  
• Firefox Homepage (Mozilla Foundation)
  
• SeaMonkey Homepage (Mozilla)
  
• Thunderbird Home Page (Mozilla)
  
• ASA-2007-447 Firefox security update (RHSA-2007-0979) (Avaya)
  
• HPSBUX02153 SSRT061181 rev.5 - HP-UX Running Firefox, Remote Unauthorized Access (HP)
  
• HPSBUX02156 SSRT061236 rev.4 - HP-UX Running Thunderbird, Remote Unauthorized Ac (HP)
  
• MFSA 2007-26: Privilege escalation through chrome-loaded about:blank windows (Mozilla Foundation)
  
• RHSA-2007:0979-1 Critical: firefox security update (Red Hat)
  
• RHSA-2007:0980-2 Critical: seamonkey security update (Red Hat)
  
• RHSA-2007:0981-2 Moderate: thunderbird security update (Red Hat)
  
• Solution 201516 : Multiple Security Vulnerabilities in Firefox and Thunderbir (Sun)
  
• Sun Alert ID: 103177 (Sun Microsystems)