Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2010-33

User tracking across sites using Math.random()

Announced
June 22, 2010
Reporter
Amit Klein
Impact
Low
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 3.5.10
  • Firefox 3.5.12
  • Firefox 3.6.4
  • Firefox 3.6.9
  • SeaMonkey 2.0.5

Description

Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random(). Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different web sites.

Update (October 27, 2010): After the Firefox 3.6.4 and Firefox 3.5.10 releases, Amit Klein reported that there was an additional unfixed case where user tracking could occur using the above-mentioned technique and a pop-up window or iframe that was subsequently navigated by the user. This additional variant is identified as CVE-2010-3171.

References