Common Vulnerabilities and Exposures assigned an identifier CVE-2010-0654 to the following vulnerability: Mozilla Firefox permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote HTTP servers to obtain sensitive information via a crafted document. http://code.google.com/p/chromium/issues/detail?id=9877 The above CVE description is a bit misleading. They mention Firefox, but point to a Google Chrome bug report. This issue affects Gecko-based browsers as well as WebKit-based browsers, with a more detailed writeup written by Chris Evans: http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html and an upstream WebKit bug report (currently not public): https://bugs.webkit.org/show_bug.cgi?id=29820 I imagine there must also be a corresponding Mozilla bug regarding this as Chris' blog post does indicate they have discussed this issue with Mozilla.
Ah, I see what happened here. CVE-2010-0654 is assigned to Firefox, while CVE-2010-0651 is assigned to WebKit. Presumably other browsers that fix this flaw will receive their own CVE names (i.e. IE and Opera, etc.).
This has now been addressed upstream: http://www.mozilla.org/security/announce/2010/mfsa2010-46.html Google security researcher Chris Evans reported that data can be read across domains by injecting bogus CSS selectors into a target site and then retrieving the data using JavaScript APIs. If an attacker can inject opening and closing portions of a CSS selector into points A and B of a target page, then the region between the two injection points becomes readable to JavaScript through, for example, the getComputedStyle() API.
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0547 https://rhn.redhat.com/errata/RHSA-2010-0547.html
seamonkey-2.0.6-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
xulrunner-1.9.2.7-1.fc13, firefox-3.6.7-1.fc13, mozvoikko-1.0-12.fc13, gnome-web-photo-0.9-10.fc13, perl-Gtk2-MozEmbed-0.08-6.fc13.15, gnome-python2-extras-2.25.3-20.fc13, galeon-2.0.7-30.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-3.0.6-1.fc12, sunbird-1.0-0.23.20090916hg.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
seamonkey-2.0.6-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
xulrunner-1.9.1.11-1.fc12, firefox-3.5.11-1.fc12, gnome-web-photo-0.9-8.fc12, mozvoikko-1.0-11.fc12, perl-Gtk2-MozEmbed-0.08-6.fc12.14, gnome-python2-extras-2.25.3-19.fc12, galeon-2.0.7-24.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-3.1.1-1.fc13, sunbird-1.0-0.26.b2pre.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.