Arbitrary code execution from Firefox sidebar panel II

Bug #16232 reported by Tres Seaver on 2005-04-19
Affects: firefox (Ubuntu)
Importance: Critical
Assigned to: Thom May

Bug Description

Sites can use the _search target to open links in the Firefox sidebar. Two
missing security checks allow malicious scripts to first open a privileged page
(such as about:config) and then inject script using a javascript: URL. This
could be used to install malicious code or steal data without user interaction.

Fixed in: Firefox 1.0.3 / Mozilla Suite 1.7.7

Workaround: Disable JavaScript

References:

 - https://bugzilla.mozilla.org/show_bug.cgi?id=290079

 - http://www.mozilla.org/security/announce/mfsa2005-39.html

Uphaar Agrawalla (uphaar) wrote :

This vulnerability is fixed in Ubuntu's Firefox 1.0.2-0ubuntu5.1
http://changelogs.ubuntu.com/changelogs/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.2-0ubuntu5.1/changelog

Closing as Fixed.
