Mozilla Foundation Security Advisory 2005-51
Title: The return of frame-injection spoofing
Severity: Moderate
Reporter: Secunia.com
Products: Firefox 1.0.3, Mozilla Suite 1.7.7
Fixed in: Firefox 1.0.5
Mozilla Suite 1.7.9
Description
The original frame-injection spoofing bug was fixed in the Mozilla Suite 1.7
and Firefox 0.9 releases. This protection was accidentally disabled by one
of the fixes in the Firefox 1.0.3 and Mozilla Suite 1.7.7 releases.
Workaround
References
http://secunia.com/advisories/15601/
https://bugzilla.mozilla.org/show_bug.cgi?id=296850