Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2007-31

Digest authentication request splitting

Announced
October 18, 2007
Reporter
Stefano Di Paola
Impact
Moderate
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 2.0.0.8
  • SeaMonkey 1.1.5

Description

Security researcher Stefano Di Paola reported that Firefox did not properly validate the user ID when making an HTTP request using Digest Authentication to log into a web site. A malicious page could abuse this to inject arbitrary HTTP headers by including a newline character in the user ID followed by the injected header data. If the user were connecting through a proxy the attacker could inject headers that a proxy would interpret as two separate requests for different hosts.

References