Privilege escalation via non-DOM property overrides

ID MFSA2005-44
Type mozilla
Reporter Mozilla Foundation
Modified 2005-05-11T00:00:00


Additional checks were added to make sure Javascript eval and Script objects are run with the privileges of the context that created them, not the potentially elevated privilege of the context calling them in order to protect against an additional variant of MFSA 2005-41.