Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object. NOTE: this description was based on a report that has since been retracted by the original authors. The authors misinterpreted their test results. Other third parties also disputed the original report. Therefore, this is not a vulnerability. It is being assigned a candidate number to provide a clear indication of its status
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2006-07-06T01:00:00
Updated: 2018-10-18T14:57:01
Reserved: 2006-07-05T00:00:00
Link: CVE-2006-3352
JSON object: View
NVD Information
Status : Modified
Published: 2006-07-06T01:05:00.000
Modified: 2024-05-17T00:29:20.943
Link: CVE-2006-3352
JSON object: View
Redhat Information
No data.
CWE