Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2014-05

Information disclosure with *FromPoint on iframes

Announced
February 4, 2014
Reporter
Jordan Milne
Impact
Moderate
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 27
  • SeaMonkey 2.24

Description

Security researcher Jordan Milne reported an information leak where document.caretPositionFromPoint and document.elementFromPoint functions could be used on a cross-origin iframe to gain information on the iframe's DOM and other attributes through a timing attack, violating same-origin policy.

In general this flaw cannot be exploited through email in the Seamonkey product because scripting is disabled in mail, but is potentially a risk in browser or browser-like contexts.

References