Candidate: CVE-2010-0648
PublicDate: 2010-02-18 18:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0648
 http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html
Description:
 Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a
 redirect's target URL, for the session of a specific user of a web site, by
 placing the site's URL in the HREF attribute of a stylesheet LINK element,
 and then reading the document.styleSheets[0].href property value, related
 to an IFRAME element.
Ubuntu-Description:
Notes:
Bugs:
 http://code.google.com/p/chromium/issues/detail?id=32309
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_firefox:
upstream_firefox: released (3.6)
dapper_firefox: ignored (reached end-of-life)
hardy_firefox: not-affected
intrepid_firefox: DNE
jaunty_firefox: DNE
karmic_firefox: DNE
devel_firefox: not-affected (3.6)

Patches_xulrunner-1.9.2:
upstream_xulrunner-1.9.2: needs-triage
dapper_xulrunner-1.9.2: DNE
hardy_xulrunner-1.9.2: released (1.9.2.6+nobinonly-0ubuntu0.8.04.1)
intrepid_xulrunner-1.9.2: DNE
jaunty_xulrunner-1.9.2: needs-triage
karmic_xulrunner-1.9.2: needs-triage
devel_xulrunner-1.9.2: not-affected (1.9.2)