• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mozilla Browser Remote Insecure XUL Start Up Script Loading Vulnerability

Mozilla Suite and Mozilla Firefox are affected by a remote insecure XUL script loading vulnerability. This issue is due to an access validation issue that causes the script to be loaded with elevated privileges.

An attacker may leverage this issue to execute XUL startup scripts with elevated privileges. The vendor has reported that the security impact of this is currently limited.