Mozilla Suite And Firefox Favicon Link Tag Remote Script Code Execution Vulnerability

Mozilla Suite And Firefox Favicon Link Tag Remote Script Code Execution Vulnerability

A remote code-execution vulnerability affects Mozilla Suite and Mozilla Firefox because the applications fail to deny remote unauthorized access to trusted local interfaces.

An attacker may be able to exploit this issue to execute arbitrary script code with the privileges of an unsuspecting user that activated the affected browser. This may facilitate the installation and execution of malicious applications on an affected computer.

Note that this issue was previously reported in BID 13208 (Mozilla Suite Multiple Code Execution, Cross-Site Scripting, And Policy Bypass Vulnerabilities); it has been assigned its own BID.