Upstream information
Description
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with file://example.com/C:/ at the beginning.NVD CVSS v2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Novell/SUSE information
Novell Bugzilla entry: 505563, 515951 SUSE Security Advisories:- SUSE-SA:2009:034, published Tue, 16 Jun 2009 13:00:00 +0000
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| Novell Linux POS 9 Open Enterprise Server SUSE CORE 9 for AMD64 and Intel EM64T SUSE CORE 9 for IBM POWER SUSE CORE 9 for IBM S/390 31bit SUSE CORE 9 for IBM zSeries 64bit SUSE CORE 9 for Itanium Processor Family SUSE CORE 9 for x86 |
| core9.ia64 core9.ppc core9.s390 core9.s390x sles9-nld.x86-64 sles9-oes.x86 core9.x86 sles9-nlpos.x86 core9.x86-64 sles9-nld.x86 YOU Patch Nr: 12519 |
| Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 |
| core9.ia64 core9.ppc core9.s390 core9.s390x sles9-nld.x86-64 sles9-oes.x86 core9.x86 sles9-nlpos.x86 core9.x86-64 sles9-nld.x86 YOU Patch Nr: 12519 |
| openSUSE 10.3 |
|
