Vulnerabilities

CVE-2007-1084

by Fred · 22/02/2007

Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of the last visited web page.

Date published : 2007-02-22

http://www.securityfocus.com/bid/22666

http://www.securityfocus.com/archive/1/460885/100/0/threaded

Similar

Tags: Cybersecurity Alert