Mozilla Firefox prior to 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote malicious users to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 19.0.1 |
||
mozilla firefox 19.0.2 |
||
mozilla firefox 20.0 |
||
mozilla firefox 20.0.1 |
||
mozilla firefox 19.0 |
||
mozilla firefox |