Privilege escalation via non-DOM property overrides

2005-05-11T00:00:00
ID MFSA2005-44
Type mozilla
Reporter Mozilla Foundation
Modified 2005-05-11T00:00:00

Description

Additional checks were added to make sure Javascript eval and Script objects are run with the privileges of the context that created them, not the potentially elevated privilege of the context calling them in order to protect against an additional variant of MFSA 2005-41.