• Security Center
  • Security Advisories
  • Known Vulnerabilities
  • Bug Bounty
  • Security Blog

You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2012-59

Mozilla Foundation Security Advisory 2012-59

Title: Location object can be shadowed using Object.defineProperty
Impact: High
Announced: August 28, 2012
Reporter: Mariusz Mlynski
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 15
  Firefox ESR 10.0.8
  Thunderbird 15
  Thunderbird ESR 10.0.8
  SeaMonkey 2.12

Description

Security researcher Mariusz Mlynski reported that it is possible to shadow the location object using Object.defineProperty. This could be used to confuse the current location to plugins, allowing for possible cross-site scripting (XSS) attacks.

Update October 9, 2012: This advisory was updated to reflect the fact that bug 756719 was also fixed in ESR 10.0.8.

References

• Object.defineProperty can shadow window.location
• CVE-2012-1956