Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via an HTML document that is directly accessible through a filesystem, as demonstrated by documents in (1) local folders, (2) Windows share folders, and (3) RAR archives, and as demonstrated by IFRAMEs referencing shortcuts that point to (a) about:cache?device=memory and (b) about:cache?device=disk, a variant of CVE-2008-2810.
liudieyu0.blog124.fc2.com/blog-entry-6.html
secunia.com/advisories/32192
secunia.com/advisories/32684
secunia.com/advisories/32693
secunia.com/advisories/32714
secunia.com/advisories/32721
secunia.com/advisories/32778
secunia.com/advisories/32845
secunia.com/advisories/32853
secunia.com/advisories/33433
secunia.com/advisories/33434
secunia.com/advisories/34501
securityreason.com/securityalert/4416
securitytracker.com/alerts/2008/Nov/1021212.html
sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
ubuntu.com/usn/usn-667-1
www.debian.org/security/2008/dsa-1669
www.debian.org/security/2008/dsa-1671
www.debian.org/security/2009/dsa-1696
www.debian.org/security/2009/dsa-1697
www.mozilla.org/security/announce/2008/mfsa2008-47.html
www.securityfocus.com/archive/1/497091/100/0/threaded
www.securityfocus.com/bid/31611
www.securityfocus.com/bid/31747
www.securitytracker.com/id?1021190
www.us-cert.gov/cas/techalerts/TA08-319A.html
www.vupen.com/english/advisories/2008/2818
www.vupen.com/english/advisories/2009/0977
bugzilla.mozilla.org/show_bug.cgi?id=455311
exchange.xforce.ibmcloud.com/vulnerabilities/45740
www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html