Intrusion Prevention



This indicates an attack attempt to exploit a Content Injection Spoofing vulnerability in Mozilla products.
This issue is caused by an error in the vulnerable software when handling a web page with an invalid url that is passed to "document.location". It may allow remote attackers to execute arbitrary code by sending a crafted web page.

Affected Products

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6
SeaMonkey before 2.0.1


Information Spoofing

Recommended Actions

Refer to the vendor's web site for suggested workaround.

CVE References