CVE-2007-1116

2007-02-26T23:28:00
ID CVE-2007-1116
Type cve
Reporter cve@mitre.org
Modified 2018-10-16T16:36:00

Description

The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser's session history. Comments in the hyperlinks also pointed to Firefox 2.0.0.2 containing the vulnerability.