CVE-2010-2751

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.5.x through 3.5.10 Mozilla Firefox versions 3.6.x through 3.6.6 SeaMonkey versions prior to 2.0.6

Description The issue allows remote attackers to spoof the SSL security status of a document via vectors involving multiple requests, a redirect, and the history.back and history.forward JavaScript functions. This is due to a problem in the nsDocShell::OnRedirectStateChange function.

Recommendations For Mozilla Firefox versions 3.5.x through 3.5.10, update to version 3.5.11 or later. For Mozilla Firefox versions 3.6.x through 3.6.6, update to version 3.6.7 or later. For SeaMonkey versions prior to 2.0.6, update to version 2.0.6 or later.