Definition

Mozilla Search Plugin Cross-site Scripting Vulnerability

oval:org.mitre.oval:def:100020

Firefox before 1.0.3 Mozilla Suite before 1.7.7 and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine aka "Firesearching 1."

Family:

windows

Status:

ACCEPTED

Platform(s):

Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows NT

Class:

vulnerability

Reference(s):

CVE-2005-1156

Product(s):

mozilla
Mozilla Firefox