Security-bypass vulnerability in Mozilla Firefox

vendor:

Firefox

by:

Unknown

N/A

CVSS

N/A

Security-bypass

Unknown

CWE

Product Name: Firefox

Affected Version From: Mozilla Firefox 3.6

Affected Version To: Mozilla Firefox 3.6

Patch Exists: Unknown

Related CWE: Unknown

CPE: Unknown

Metasploit:

Other Scripts:

Platforms Tested: Unknown

Unknown

Security-bypass vulnerability in Mozilla Firefox

Attackers can exploit this issue to bypass content-loading policies. The impact of this issue will depend on the reasons behind the content check. Consequences may include cross-site request-forgery attacks, denial-of-service conditions, and possibly remote code execution.

Mitigation:

Unknown

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/38927/info

Mozilla Firefox is prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass content-loading policies.

Attackers can exploit this issue to bypass content-loading policies. The impact of this issue will depend on the reasons behind the content check. Consequences may include cross-site request-forgery attacks, denial-of-service conditions, and possibly remote code execution.

Mozilla Firefox 3.6 is vulnerable.

NOTE: This issue was previously covered in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but has been assigned its own record to better document it.

<img src="file:///dev/tty">