Mozilla Firefox "locations.hostname" DOM Property Handling Vulnerability

ronjor · Feb 16, 2007

Description:
Michal Zalewski has reported a vulnerability in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions
Click to expand...

Secunia

Mrkvonic · Feb 16, 2007

Hello,
Requires javascript enabled and session cookies accepted.
Mrk

tlu · Feb 17, 2007

Mrkvonic said:

Hello,
Requires javascript enabled and session cookies accepted.
Mrk
Click to expand...

... which is another confirmation how important the extension Noscript is.

Brian N · Feb 18, 2007

And you can test it here: http://lcamtuf.dione.cc/ffhostname.html

nadirah · Feb 19, 2007

Brian N said:

And you can test it here: http://lcamtuf.dione.cc/ffhostname.html
Click to expand...

NoScript saved my life.

ronjor · Feb 22, 2007

Mozilla Working On Fix For Firefox Flaw

The security update for the open-source browser originally was slated to be released on Feb. 21 but was pushed back in order to accommodate a fix for this new flaw " the location.hostname vulnerability -- and other security and stability issues.
Click to expand...

Article

Log in or Sign up

Mozilla Firefox "locations.hostname" DOM Property Handling Vulnerability

ronjor Global Moderator

Mrkvonic Linux Systems Expert

tlu Guest

Brian N Registered Member

nadirah Registered Member

ronjor Global Moderator

Log in or Sign up

Mozilla Firefox "locations.hostname" DOM Property Handling Vulnerability

ronjor Global Moderator

Mrkvonic Linux Systems Expert

tlu Guest

Brian N Registered Member

nadirah Registered Member

ronjor Global Moderator

Useful Searches