Mozilla Foundation Security Advisory 2011-15

2011-05-01T00:00:00
ID SECURITYVULNS:DOC:26240
Type securityvulns
Reporter Securityvulns
Modified 2011-05-01T00:00:00

Description

Mozilla Foundation Security Advisory 2011-15

Title: Escalation of privilege through Java Embedding Plugin Impact: Critical Announced: April 28, 2011 Reporter: David Remahl Products: Firefox, SeaMonkey

Fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 Description

David Remahl of Apple Product Security reported that the Java Embedding Plugin (JEP) shipped with the Mac OS X versions of Firefox could be exploited to obtain elevated access to resources on a user's system.

Firefox 4 was not affected by this issue. References

JEP privilege escalation bugs
CVE-2011-0076