Intrusion Prevention

Mozilla.Firefox.About.Blank.Spoof

Description

This indicates an attack attempt to exploit a Spoofing vulnerability in Mozilla Firefox.
The issue is caused by a design error in the vulnerable software. It may allow remote attackers to do spoofing attacks by writing to an "about:blank" tab.

Affected Products

Mozilla Firefox 2.0.1
Mozilla Firefox 1.5 beta 2
Mozilla Firefox 1.5 beta 1
Mozilla Firefox 1.5.8
Mozilla Firefox 1.5.6
Mozilla Firefox 1.5
Mozilla Firefox 1.0.8
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
Mozilla Firefox 0.10.1
Mozilla Firefox 0.10
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9 rc
Mozilla Firefox 0.9
Mozilla Firefox 0.8
Mozilla Firefox 2.0
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.1

Impact

Security Bypass.

Recommended Actions

Upgrade to the latest version, available from the web site:
http://www.mozilla.com/en-US/firefox/fx/

CVE References

CVE-2007-1004