24 matches found
Firefox Remote Compromise Technical Details
Firefox Remote Compromise Technical Details Before I start, I need to say that this thing has been patched on Mozilla's server. If you take a look at any of the extension install pages on their site, you will see that the install function has a bunch of random letters and numbers after it. Even...
CVE-2005-1477
The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as...
CVE-2005-1477
The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabilities such as...
CVE-2005-1477
CVE-2005-1477 describes an arbitrary JavaScript execution flaw in Firefox 1.0.3 via the installer’s IconURL handling, enabling code execution with chrome privileges when a trusted extension install site (e.g., update.mozilla.org/addon.mozilla.org) is used, potentially chaining with CVE-2005-1476....