Upstream information
Description
Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
National Vulnerability Database | |
---|---|
Base Score | 4.3 |
Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Access Vector | Network |
Access Complexity | Medium |
Authentication | None |
Confidentiality Impact | Partial |
Integrity Impact | None |
Availability Impact | None |
- SUSE-SA:2007:019, published Tue, 06 Mar 2007 18:00:00 +0000
- SUSE-SA:2007:022, published Tue, 20 Mar 2007 11:00:00 +0000
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Server 11 SP1 |
| |
SUSE Linux Enterprise Server 11 SP2 |
| |
SUSE Linux Enterprise Server 11 SP3 |
| |
SUSE Linux Enterprise Server 11 SP4 |
| |
SUSE Linux Enterprise Software Development Kit 11 SP4 |
|