virus logo Intrusion Prevention

Mozilla.Firefox.Cross.Domain.Information.Disclosure

description-logoDescription

This indicates an attack attempt to exploit an Information Disclosure vulnerability in Mozilla Firefox.
The vulnerability is due to a design error in the application when handling cross domain access to the "Location" object. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and gain unauthorized access to sensitive information.

affected-products-logoAffected Products

Mozilla Foundation Firefox 16.0

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version available from the website.
http://www.mozilla.org/en-US/firefox/new/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-02-01 14.540 Name:Mozilla.
FireFox.
Cross.
Domain.
Information.
Disclosure:Mozilla.
Firefox.
Cross.
Domain.
Information.
Disclosure

References

http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/ http://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
ID 33580
Created Oct 31, 2012
Updated May 04, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2012-4192
Exploit Prediction Score 8.37%
Default Action drop
Active
Affected OS Windows, Linux
Affected App Other