Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Mozilla Firefox <= 1.5.0.9 Cross Zone Security Bypass

Low

Synopsis

The remote browser may allow an attacker to read confidential data.

Description

The installed version of Firefox is reported to be vulnerable to a number of flaws. The details of the flaws are not currently known; however, it is alleged that an attacker can bypass security mechanisms in order to obtain local file contents. In order for this attack to be a success, the attacker would need to be able to convince a user to browsea malicious URI and expect that the user would allow a popup window.

Solution

Upgrade or patch according to vendor recommendations.