CVE-2011-0059 Information
Description
Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14 and SeaMonkey before 2.0.12 allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site.
Reference
http://downloads.avaya.com/css/P8/documents/100133195 http://support.avaya.com/css/P8/documents/100128655 http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 http://www.mozilla.org/security/announce/2011/mfsa2011-10.html http://www.redhat.com/support/errata/RHSA-2011-0313.html http://www.securityfocus.com/bid/46652 https://bugzilla.mozilla.org/show_bug.cgi?id=573873 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14473
Share on: