Mozilla Firefox 'JavaScript' Security Bypass Vulnerability Network Vulnerability

Summary

The host is installed with firefox browser and is prone to security bypass vulnerability.

Impact

Successful exploitation will allow attackers to bypass certain security restrictions or manipulate certain data. Impact Level: Application

Solution

Upgrade to Mozilla Firefox version 3.6.3 or later For updates refer to http://www.mozilla.com/en-US/firefox/all.html

Insight

The flaw is due to an error in 'JavaScript' implementation which allows to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.

Affected

Mozilla Firefox version 3.x on Windows.

References

http://www.securityfocus.com/archive/1/archive/1/510070/100/0/threaded

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1125

CVSS	Base Score: 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N

Related Vulnerabilities

aMSN session hijack vulnerability (Windows)
Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)
Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Windows)
Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Win)
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)

Take action and discover your vulnerabilities