Mozilla Foundation Security Advisory 2005-51

The return of frame-injection spoofing

Announced
July 12, 2005
Reporter
Secunia.com
Impact
Moderate
Products
Firefox, Mozilla Suite
Fixed in
  • Firefox 1.0.5
  • Mozilla Suite 1.7.10

Description

The original frame-injection spoofing bug was fixed in the Mozilla Suite 1.7 and Firefox 0.9 releases. This protection was accidentally bypassed by one of the fixes in the Firefox 1.0.3 and Mozilla Suite 1.7.7 releases.

Workaround

References