Mozilla Suite And Firefox Search Plug-In Remote Script Code Execution Vulnerability

Mozilla Suite And Firefox Search Plug-In Remote Script Code Execution Vulnerability

A remote code-execution vulnerability affects Mozilla Suite and Mozilla Firefox because the applications fail to validate access prior to executing remotely supplied scripts.

An attacker may leverage this issue to execute arbitrary code in the context of a site that is being viewed by an unsuspecting user. If the web page being viewed is a privileged page, remote code execution is possible. This may facilitate cross-site scripting as well as a compromise of an affected computer.

Note that this issue was previously reported in BID 13208 (Mozilla Suite Multiple Code Execution, Cross-Site Scripting, And Policy Bypass Vulnerabilities); it has been assigned its own BID.