Cross-domain vulnerability in GreenBrowser 3.4.0622 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-02-09T01:00:00
Updated: 2007-09-13T09:00:00
Reserved: 2007-02-08T00:00:00
Link: CVE-2006-6984
JSON object: View
NVD Information
Status : Analyzed
Published: 2007-02-09T01:28:00.000
Modified: 2011-03-08T02:47:38.893
Link: CVE-2006-6984
JSON object: View
Redhat Information
No data.
CWE