You are here: Known Vulnerabilities in Mozilla Products (Firefox 2.0.0.1) > MFSA 2006-75

Mozilla Foundation Security Advisory 2006-75

Title: RSS Feed-preview referrer leak
Impact: Low
Announced: December 19, 2006
Reporter: Jared Breland
Products: Firefox 2.0

Fixed in: Firefox 2.0.0.1

Description

Jared Breland reported on LEGROOM.net that when the new "Feed Preview" feature in Firefox 2.0 retrieves the icons of the installed web-based feed viewers it is potentially informing those services of your feed-browsing habits by sending the URL of the feed in a referrer header with each icon request.

This was an oversight and has been fixed in Firefox 2.0.0.1

Workaround

Upgrade to Firefox 2.0.0.1

References