Mozilla Firefox 'window.location' Same Origin Policy Security Bypass Vulnerability

Mozilla Firefox is prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass the same-origin policy and certain access restrictions to access data or execute arbitrary script code in the browser of an unsuspecting user in the context of another site. This could be used to steal sensitive information or to launch other attacks.

This issue affects Firefox 3.6.

This issue was previously documented in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but has been given its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus