New Search

Mozilla Livefeed Bookmark Cookie Swiping

oval:org.mitre.oval:def:100046

Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark then executes it in the security context of the currently loaded page when the user later accesses the bookmark which could allow remote attackers to execute arbitrary code.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows NT
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2005-0150
Product(s):
  • Mozilla Firefox