Release date:
Updated on:
Affected Systems:
Mozilla Firefox 3.6.x
Mozilla Thunderbird 3.x
Mozilla SeaMonkey 2.x
Unaffected system:
Mozilla Firefox 6
Mozilla Firefox 3.6.23
Mozilla Thunderbird 6
Mozilla SeaMonkey 2.3
Description:
--------------------------------------------------------------------------------
Bugtraq id: 49848
Cve id: CVE-2011-2999
Firefox is a very popular open-source WEB browser. Thunderbird is a mail client that supports IMAP, POP protocol, and HTML format. SeaMonkey is an open-source Web browser, mail and newsgroup client, IRC session client, and HTML editor.
Mozilla Firefox/Thunderbird/SeaMonkey has a security vulnerability. Remote attackers can exploit this vulnerability to bypass the same-origin policy and execute arbitrary script code to obtain sensitive information or other spoofing attacks.
A frame named "location" masks the window. location object unless the script on the page before the frame is created captures the reference of the actual object. Some plug-ins use the value of window. location to determine the page source, allowing the plug-in to access other sites or local file systems.
<* Source: Boris Zbarsky
Link: http://www.mozilla.org/security/announce/2011/mfsa2011-38.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Mozilla
-------
Mozilla has released a Security Bulletin (mfsa2011-38) and patches for this:
Mfsa2011-38: XSS via plugins and shadowed window. location object
Link: http://www.mozilla.org/security/announce/2011/mfsa2011-38.html