You are currently viewing a snapshot of www.mozilla.org taken on April 21, 2008. Most of this content is highly out of date (some pages haven't been updated since the project began in 1998) and exists for historical purposes only. If there are any pages on this archive site that you think should be added back to www.mozilla.org, please file a bug.



You are here: Known Vulnerabilities in Mozilla Products (Firefox 2.0.0.8) > MFSA 2007-30

Mozilla Foundation Security Advisory 2007-30

Title: onUnload Tailgating
Impact: Low
Announced: October 18, 2007
Reporter: Michal Zalewski
Products: Firefox, SeaMonkey

Fixed in: Firefox 2.0.0.8
  SeaMonkey 1.1.5

Description

Michal Zalewski demonstrated that onUnload event handlers had access to the address of the new page about to be loaded, even if the navigation was triggered from outside the page content such as by using a bookmark, pressing the back button, or typing an address into the location bar. If the bookmark contained sensitive information in the URL the attacking page might be able to take advantage of it. An attacking page would also be able to redirect the user, perhaps to a phishing page that looked like the site the user thought they were about to visit.

References