Common Vulnerabilities and Exposures assigned an identifier CVE-2009-4630 to the following vulnerability: Name: CVE-2009-4630 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4630 Assigned: 20100129 Reference: MISC: https://bugzilla.mozilla.org/show_bug.cgi?id=453403 Reference: MISC: https://bugzilla.mozilla.org/show_bug.cgi?id=492196 Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of domain names contained in links within local HTML documents, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests. NOTE: the vendor disputes the significance of this issue, stating "I don't think we necessarily need to worry about that case."
Note that this issue would not affect Firefox, Thunderbird or Seamonkey as shipped with Red Hat Enterprise Linux 3, 4, or 5 as DNS prefetching was not implemented in the versions of Firefox, Thunderbird or Seamonkey provided (no nsHTMLDNSPrefetch.cpp, for instance). DNS prefetching was implemented in xulrunner 1.9.1 as per https://bugzilla.mozilla.org/show_bug.cgi?id=453403).