Mozilla Firefox PLUGINSPAGE Remote Script Code Execution Vulnerability

Mozilla Firefox PLUGINSPAGE Remote Script Code Execution Vulnerability

A remote code-execution vulnerability affects Mozilla Firefox because the application fails to deny remote unauthorized access to malicious Plugin Finder Service links.

An attacker may be able to exploit this issue to execute arbitrary script code with the privileges of an unsuspecting user that activated the affected browser. This may facilitate the installation and execution of malicious applications, subsequently facilitating unauthorized access.

Note that this issue was previously reported in BID 13208 (Mozilla Suite Multiple Code Execution, Cross-Site Scripting, And Policy Bypass Vulnerabilities); it has been assigned its own BID.