Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of domain names contained in links within local HTML documents, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests. NOTE: the vendor disputes the significance of this issue, stating "I don't think we necessarily need to worry about that case."
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:10
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=453403 - | |
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=492196 - |
Information
Published : 2010-01-29 18:30
Updated : 2024-11-21 01:10
NVD link : CVE-2009-4630
Mitre link : CVE-2009-4630
CVE.ORG link : CVE-2009-4630
JSON object : View
Products Affected
mozilla
- firefox
- seamonkey
- thunderbird
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor