Intrusion Prevention

Mozilla.Firefox.Cross.Domain.Information.Disclosure

Description

This indicates an attack attempt to exploit an Information Disclosure vulnerability in Mozilla Firefox.
The vulnerability is due to a design error in the application when handling cross domain access to the "Location" object. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and gain unauthorized access to sensitive information.

Affected Products

Mozilla Foundation Firefox 16.0

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Upgrade to the latest version available from the website.
http://www.mozilla.org/en-US/firefox/new/

CVE References

CVE-2012-4192