security flaw

A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption...

Memory corruption

A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption...

CVE-2006-1790

A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption...

CVE-2006-1790

A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption...

security flaw

A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption...

CVE-2005-2263

CVE-2005-2263 affects Firefox (before 1.0.5) and Mozilla (before 1.7.9). The issue arises in InstallTrigger.install: forcing a page navigation after the install method is called causes a callback to be executed in the context of the new page, resulting in a same-origin violation. This means a rem...

FreeBSD : mozilla -- code execution via javascript: IconURL vulnerability (eca6195a-c233-11d9-804c-02061b08fc24)

A Mozilla Foundation Security Advisory reports : Two vulnerabilities have been discovered in Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. - The problem is that 'IFRAME' JavaScript URLs are not properly protected from...

Mozilla Firefox executes JavaScript in the "IconURL" parameter of "InstallTrigger.install()" with chrome privileges

Overview Mozilla Firefox may execute JavaScript contained within the IconURL parameter of InstallTrigger.install with chrome privileges. This may allow an attacker to execute arbitrary commands on a vulnerable system. Description XPInstallXPInstall is a cross-platform software installation method...

mozilla -- code execution via javascript: IconURL vulnerability

A Mozilla Foundation Security Advisory reports: Two vulnerabilities have been discovered in Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. The problem is that "IFRAME" JavaScript URLs are not properly protected from bein...