Cross-domain vulnerability in FineBrowser Freeware 3.2.2 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280.
References
Configurations
History
No history.
Information
Published : 2007-02-09 01:28
Updated : 2024-02-28 11:01
NVD link : CVE-2006-6987
Mitre link : CVE-2006-6987
CVE.ORG link : CVE-2006-6987
JSON object : View
Products Affected
softinform
- finebrowser
CWE