Vulnerability: Disclosure of sensitive data in Mozilla Firefox
Danger: Low
Number of vulnerabilities: 1
Impact: Disclosure of sensitive data
Affected products: Mozilla Firefox 16.x
Affected versions: Mozilla Firefox 16.0
Description:
- The vulnerability allows a remote user to gain access to sensitive data on the system.
- The vulnerability is due to the fact that the protected object “location” is available for other domain objects. This can be exploited to bypass security restrictions and gain access to sensitive data.
Manufacturer URL: http://www.mozilla.org/en-US/firefox/new/
Solution: The way to eliminate the vulnerability does not exist at present.
links:
http://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/