You are currently viewing a snapshot of www.mozilla.org taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to www.mozilla.org, please file a bug.



You are here: Known Vulnerabilities in Mozilla Products (Firefox 2.0.0.1) > MFSA 2006-75

Mozilla Foundation Security Advisory 2006-75

Title: RSS Feed-preview referrer leak
Impact: Low
Announced: December 19, 2006
Reporter: Jared Breland
Products: Firefox 2.0

Fixed in: Firefox 2.0.0.1

Description

Jared Breland reported on LEGROOM.net that when the new "Feed Preview" feature in Firefox 2.0 retrieves the icons of the installed web-based feed viewers it is potentially informing those services of your feed-browsing habits by sending the URL of the feed in a referrer header with each icon request.

This was an oversight and has been fixed in Firefox 2.0.0.1

Workaround

Upgrade to Firefox 2.0.0.1

References