Definition
New Search
Information disclosure vulnerability in Mozilla Firefox before 3.6 through HREF attribute of a stylesheet LINK element
oval:org.mitre.oval:def:12665
Mozilla Firefox possibly before 3.6 allows remote attackers to discover a redirect's target URL for the session of a specific user of a web site by placing the site's URL in the HREF attribute of a stylesheet LINK element and then reading the document.styleSheets[0].href property value related to an IFRAME element.
Family:
windows
Status:
ACCEPTED
Platform(s):
- Microsoft Windows 2000
- Microsoft Windows 7
- Microsoft Windows Server 2008
- Microsoft Windows Vista
- Microsoft Windows Server 2003
- Microsoft Windows XP
Class:
vulnerability
Reference(s):
- CVE-2010-0648
Product(s):
- Mozilla Firefox