


Related information

  Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

  Mozilla Firefox 3.5.x Address Bar Spoofing Vulnerability

  ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability

  ZDI-10-133: Mozilla Firefox CSS font-face Remote Code Execution Vulnerability

  ZDI-10-132: Mozilla Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution Vulnerability

From: MOZILLA
Date: 24.07.2010
Subject: Mozilla Foundation Security Advisory 2010-46

Mozilla Foundation Security Advisory 2010-46

Title: Cross-domain data theft using CSS
Impact: Moderate
Announced: July 20, 2010
Reporter: Chris Evans
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.6.7
 Firefox 3.5.11
 Thunderbird 3.1.1
 Thunderbird 3.0.6
 SeaMonkey 2.0.6

Description

Google security researcher Chris Evans reported that data can be read across domains by injecting bogus CSS selectors into a target site and then retrieving the data using JavaScript APIs. If an attacker can inject opening and closing portions of a CSS selector into points A and B of a target page, then the region between the two injection points becomes readable to JavaScript through, for example, the getComputedStyle() API.
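
A defensive view of the issue described above, as an added example that is not part of the advisory or of Mozilla's code: the read relies on the browser handing a cross-origin, non-CSS response to its CSS parser, so this models a load gate that refuses such responses. The policy, the function names and the sample responses are assumptions made for illustration.

```javascript
// Simplified model of a strict stylesheet-load gate (illustrative, not browser source).
// Header names are assumed to be lowercased already.

// Return the lowercased MIME essence of a Content-Type header, e.g. "text/css".
function mimeEssence(contentType) {
  if (typeof contentType !== 'string') return '';
  return contentType.split(';')[0].trim().toLowerCase();
}

// Decide whether a response may be parsed as CSS.
// Assumed policy: a cross-origin response, or any response sent with
// "X-Content-Type-Options: nosniff", must be labelled text/css.
function stylesheetLoadDecision(docOrigin, response) {
  const sheetOrigin = new URL(response.url).origin;
  const crossOrigin = sheetOrigin !== docOrigin;
  const isCss = mimeEssence(response.headers['content-type']) === 'text/css';
  const nosniff =
    (response.headers['x-content-type-options'] || '').trim().toLowerCase() === 'nosniff';
  if (isCss) return { allow: true, reason: 'labelled text/css' };
  if (nosniff) return { allow: false, reason: 'nosniff and not text/css' };
  if (crossOrigin) return { allow: false, reason: 'cross-origin and not text/css' };
  return { allow: true, reason: 'same-origin, lax MIME tolerated' };
}

// List the URLs a lax loader would hand to the CSS parser but this gate refuses.
function refusedUrls(docOrigin, responses) {
  return responses
    .filter((r) => !stylesheetLoadDecision(docOrigin, r).allow)
    .map((r) => r.url);
}

// Constructed sample responses (hosts are placeholders).
const SAMPLE_RESPONSES = [
  { url: 'https://mail.example/inbox', headers: { 'content-type': 'text/html; charset=utf-8' } },
  { url: 'https://cdn.example/site.css', headers: { 'content-type': 'Text/CSS' } },
  { url: 'https://app.example/legacy.css', headers: { 'content-type': 'text/plain' } },
  { url: 'https://app.example/api/me',
    headers: { 'content-type': 'application/json', 'x-content-type-options': 'nosniff' } },
];

console.log(refusedUrls('https://app.example', SAMPLE_RESPONSES));
```

Site owners can get the same refusal for their own pages by serving them with an accurate Content-Type and `X-Content-Type-Options: nosniff`.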

References

   * https://bugzilla.mozilla.org/show_bug.cgi?id=524223
   * CVE-2010-0654

© SecurityVulns, 3APA3A, Vladimir Dubrovin