New Search

RHE4 Firefox External App Code Acceptance Vulnerability

oval:org.mitre.oval:def:1073

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL which is run in the context of the previous page and may lead to code execution if the standalone application loads a privileged chrome: URL.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2005-2267
Product(s):
  • mozilla