XULDocument.persist() did not validate the attribute name, allowing an attacker to inject XML into localstore.rdf that would be read and acted upon at startup. This could include JavaScript commands that would be run with the permissions of the browser.
CPE | Name | Operator | Version |
---|---|---|---|
firefox | lt | 1.0.8 | |
firefox | lt | 1.5.0.1 | |
mozilla suite | lt | 1.7.13 | |
seamonkey | lt | 1 | |
thunderbird | lt | 1.0.8 | |
thunderbird | lt | 1.5.0.2 |