EUVD-2005-0403

Malware in sbrugna...

SUSE CVE-2005-0402

Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page...

Mozilla Firefox Sidebar Panel Code Execution (CVE-2005-0402)

A remote code execution vulnerability has been reported in the Mozilla Firefox sidebar panel...

Mozilla Firefox Sidebar Panel (CVE-2005-0402)

Firefox is a popular open source web browser for multiple platforms. The product implements various security features which are meant to protect the user from harmful actions which may be attempted by malicious web pages. Some of these security features are restrictions placed on access to...

Fedora Core 3 : firefox-1.0.2-1.3.1 (2005-246)

A buffer overflow bug was found in the way Firefox processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the...

FreeBSD : firefox -- arbitrary code execution in sidebar panel (1f2fdcff-ae60-11d9-a788-0001020eed82)

A Mozilla Foundation Security Advisory reports : Sites can use the search target to open links in the Firefox sidebar. Two missing security checks allow malicious scripts to first open a privileged page such as about:config and then inject script using a javascript : url. This could be used to...

FreeBSD : firefox -- arbitrary code execution from sidebar panel (741f8841-9c6b-11d9-9dbe-000a95bc6fae)

A Mozilla Foundation Security Advisory states : If a user bookmarked a malicious page as a Firefox sidebar panel that page could execute arbitrary programs by opening a privileged page and injecting JavaScript into it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

CVE-2005-0402

Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page...

firefox -- arbitrary code execution in sidebar panel

A Mozilla Foundation Security Advisory reports: Sites can use the search target to open links in the Firefox sidebar. Two missing security checks allow malicious scripts to first open a privileged page such as about:config and then inject script using a javascript: url. This could be used to...

security flaw

Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page...

firefox -- arbitrary code execution from sidebar panel

A Mozilla Foundation Security Advisory states: If a user bookmarked a malicious page as a Firefox sidebar panel that page could execute arbitrary programs by opening a privileged page and injecting javascript into it...