Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Internet Explorer and Mozilla Firefox multiple security vulnerabilities
Published:04.06.2007
Source:
SecurityVulns ID:7772
Type:client
Threat Level:
7/10
Description:Internet Explorer race conditions allow cross domain access. Mozilla Firefox IFRAME cross domain access. Mozilla file download dialogs delay protection bypass. MSIE address bar spoofing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MOZILLA : Firefox 2.0
Original documentdocumentMichal Zalewski, [Full-disclosure] Assorted browser vulnerabilities (04.06.2007)
Files:MSIE page update race condition (CRITICAL)
 Firefox Cross-site IFRAME hijacking (MAJOR)
 Firefox file prompt delay bypass (MEDIUM)
 MSIE6 URL bar spoofing (MEDIUM)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod