Mozilla Firefox/Thunderbird/Seamokey Arbitrary Image Cross Domain Security Bypass Vulnerability

Mozilla Firefox/Thunderbird/Seamokey Arbitrary Image Cross Domain Security Bypass Vulnerability

Mozilla Firefox, Thunderbird, and Seamonkey are prone to a cross-domain security-bypass vulnerability that can allow an attacker to bypass the same-origin policy.

The attacker can exploit this issue to access arbitrary images from other domains.

Versions prior to Firefox 2.0.0.18 are vulnerable.

NOTE: This issue was previously included in BID 32281 'Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities', but has been given its own record to better document the issue.