Mozilla Firefox is prone to a vulnerability that allows attackers to steal cookies. This issue is occurs because the application fails to sufficiently sanitize user-supplied input.
An attacker can exploit this issue to manipulate cookie-based authentication credentials for third-party web pages or to control how the site is rendered to the user. Exploiting this issue may allow the attacker to bypass the same-origin policy for XMLHttpRequest and cross-window/cross-frame data access; other attacks are also possible.
This issue affects version 2.0.0.1; prior versions may also be affected.
http://www.securityfocus.com/bid/22566/info
Michal Zalewski is credited with the discovery of this vulnerability.
No comments:
Post a Comment