New Search

Mozilla Script Privilege Context Vulnerabilities

oval:org.mitre.oval:def:100014

Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides" a variant of CVE-2005-1160.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows NT
  • Microsoft Windows XP
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
Class:
vulnerability
Reference(s):
  • CVE-2005-1532
Product(s):
  • mozilla
  • Mozilla Firefox