You are here: Known Vulnerabilities in Mozilla Products (Firefox 184.108.40.206) > MFSA 2007-05
Mozilla Foundation Security Advisory 2007-05
Title: XSS and local file access by opening blocked popups
Announced: February 23, 2007
Reporter: shutdown, Michal Zalewski
Products: Firefox, SeaMonkey
Fixed in: Firefox 220.127.116.11
Similarly, Michal Zalewski reported that although pages loaded from the web normally cannot open windows containing local files, if you could convince a user to open a blocked popup then this restriction could be bypassed. In order to take advantage of this flaw the attacker would have to know the full path to a locally-saved file containing malicious script. He also reported that a flaw in the seeding of the pseudo-random number generator resulted in downloaded files being saved to temporary files with a reasonably predictable name. The two combined could be used to steal information saved on the local disk.
Do not open blocked popups individually, instead either ignore them or decide to enable popups on a per-site basis.