Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2006-61

Frame spoofing using document.open()

Announced
September 14, 2006
Reporter
shutdown
Impact
Low
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 1.5.0.7
  • SeaMonkey 1.0.5

Description

shutdown demonstrated a way to inject content into a sub-frame of another site using targetWindow.frames[n].document.open(), making the attackers content look like it was part of the victim site. Similar in effect to MFSA 2005-51.

Workaround

The victim site must first be opened in a new window (or tab) by the malicious site for this flaw to work. Do not enter a password or other sensitive information into a window "helpfully" opened by another site, always use the File menu option to open a trusted new window to which no other site has a reference.

References