Disclosure of sensitive data in Mozilla Firefox

Posted: October 11, 2012 in Vulnerabilities
Tags: , ,

Mozilla FirefoxVulnerability: Disclosure of sensitive data in Mozilla Firefox

Danger: Low
Number of vulnerabilities: 1
Impact: Disclosure of sensitive data
Affected products: Mozilla Firefox 16.x

Affected versions: Mozilla Firefox 16.0

Description:

  • The vulnerability allows a remote user to gain access to sensitive data on the system.
  • The vulnerability is due to the fact that the protected object “location” is available for other domain objects. This can be exploited to bypass security restrictions and gain access to sensitive data.

Manufacturer URL: http://www.mozilla.org/en-US/firefox/new/

Solution: The way to eliminate the vulnerability does not exist at present.

links:

http://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s