Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2012-03

<iframe> element exposed across domains via name attribute

Announced
January 31, 2012
Reporter
Vitaly Nevgen
Impact
High
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
  • Firefox 10
  • SeaMonkey 2.7
  • Thunderbird 10

Description

Vitaly Nevgen reported that an attacker could replace a sub-frame in another domain's document by using the name attribute of the sub-frame as a form submission target. This can potentially allow for phishing attacks against users and violates the HTML5 frame navigation policy.

Firefox 3.6 and Thunderbird 3.1 are not affected by this vulnerability.

References