Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files within the browser.
Software | From | Fixed in |
---|---|---|
mozilla / firefox | - | 2.0.0.11.x |
mozilla / seamonkey | - | 1.1.7.x |