Vulnerabilities

CVE-2010-2764

by Fred · 09/09/2010

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests.

Date published : 2010-09-09

http://www.securityfocus.com/bid/43104

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox

Similar

Tags: Cybersecurity Alert