Summary
The host is installed with Mozilla Firefox browser and is prone to information disclosure vulnerability.
Impact
Successful exploitation will let the attacker execute arbitrary codes in the context of the web browser and can obtain sensitive information of the remote user through the web browser.
Impact Level: Application
Solution
Upgrade to Mozilla Firefox version 3.6.3 or later
For updates refer to http://www.getfirefox.com
Insight
The Web Browser fails to properly enforce the same-origin policy, which leads to cross-domain information disclosure.
Affected
Mozilla Firefox version from 2.0 to 3.0.5 on Windows.
References
Severity
Classification
-
CVE CVE-2009-5913 -
CVSS Base Score: 2.1
AV:N/AC:H/Au:S/C:N/I:P/A:N
Related Vulnerabilities
- OTRS Event Notification Information Disclosure Vulnerability
- phpLDAPadmin 'base' Parameter Cross Site Scripting Vulnerability
- Bitweaver 'edit.php' HTML Injection Vulnerability
- ownCloud Multiple Cross Site Scripting Vulnerabilities -03 May14
- phpBB 'includes/message_parser.php' HTML Injection Vulnerability