Description
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
Affected products
- galeon / galeon_browser1.2 – 1.2
- galeon / galeon_browser1.2.1 – 1.2.1
- Mozilla / mozilla0.9.9 – 0.9.9
- Mozilla / mozilla1.0 – 1.0
- netscape / navigator6.0 – 6.0
- netscape / navigator6.01 – 6.01
- netscape / navigator6.1 – 6.1
- netscape / navigator6.2 – 6.2
- netscape / navigator6.2.1 – 6.2.1
- netscape / navigator6.2.2 – 6.2.2
References
- MISChttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490
- MISChttp://online.securityfocus.com/archive/1/270249
- MISChttp://www.iss.net/security_center/static/8977.php
- MISChttp://www.redhat.com/support/errata/RHSA-2003-046.html
- MISChttp://www.securityfocus.com/bid/4640
- MISChttp://www.redhat.com/support/errata/RHSA-2002-192.html