2/27/2005

Firefox Address Bar Image Dragging Remote Script Execution Vulnerability

Filed under: — Aviran Mordo @ 1:07 pm

A remote script execution vulnerability affects Mozilla Firefox. This issue is due to a failure of the application to properly validate the origin of scripts prior to execution when loaded into a browser window by dragging JavaScript image URIs into the address bar.

An attacker may leverage this issue to execute arbitrary script code in the context of a target Web site in the browser of an unsuspecting user. This may facilitate cookie-based authentication credential theft as well as other attacks.

This vulnerability affects both Mozilla Firefox 1.0 and the newly updated Mozilla Firefox 1.0.1.

Currently there is no workaround for this problem

 

One Response to “Firefox Address Bar Image Dragging Remote Script Execution Vulnerability”

  1. mr kevin, Says:
    April 8th, 2005 at 10:38 am

    iam kevin from sourthen america

    looking for assistance in business i’ have sum of money to invest in any good company in any country good for business, any person who can assist me will have his or her own pecentages ,

    thanks

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress