0
POPSFirefox / Seamonkey HTTP Referer Vulnerability This issue relates to Cross-site Request Forgeries. One countermeasure is for the authenticating web site to check the HTTP Referer header to ensure the request is coming from an authorized site. This vulnerability permitted an attacker to delay the loading of the attack script until the intended (permitted) referring page was loaded, which would circumvent HTTP Referer checks to prevent CSRF. Solution: Update to Firefox 2.0.0.10 and latest version of SeaMonkey. See next post for explanation of CSRS (aka XSRF)
Pops
Newest Clips
Latest Comments
Most Pops
Print
Save
Turn on live update