Mozilla Firefox 3.6 - Image Preloading Content-Policy Check Security Bypass

2010-03-18T00:00:00
ID EXPLOITPACK:40F2EB0E033C629F73B6DA6F55996B2F
Type exploitpack
Reporter Josh Soref
Modified 2010-03-18T00:00:00

Description

Mozilla Firefox 3.6 - Image Preloading Content-Policy Check Security Bypass

                                        
                                            source: https://www.securityfocus.com/bid/38927/info

Mozilla Firefox is prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass content-loading policies.

Attackers can exploit this issue to bypass content-loading policies. The impact of this issue will depend on the reasons behind the content check. Consequences may include cross-site request-forgery attacks, denial-of-service conditions, and possibly remote code execution.

Mozilla Firefox 3.6 is vulnerable.

NOTE: This issue was previously covered in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but has been assigned its own record to better document it.

<img src="file:///dev/tty">