New Search

Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14 and SeaMonkey before 2.0.12 allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.

oval:org.mitre.oval:def:14473

Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14 and SeaMonkey before 2.0.12 allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Vista
  • Microsoft Windows Server 2003
  • Microsoft Windows 2000
  • Microsoft Windows Server 2008
  • Microsoft Windows 7
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2011-0059
Product(s):
  • Mozilla Seamonkey
  • Mozilla Firefox