Mozilla Firefox/Thunderbird/SeaMonkey Cross Domain Information Disclosure Vulnerability
Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a cross domain information disclosure vulnerability.
Successful exploits will allow attackers to bypass the same-origin policy and obtain potentially sensitive information; other attacks are possible.
Note: This issue was previously discussed in BID 55889 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-88/89 Multiple Vulnerabilities), but have been moved to their own record to better document them.
This issue is fixed in:
Firefox ESR 10.0.9
Thunderbird ESR 10.0.9