Mozilla Suite And Firefox XPInstall JavaScript Object Instance Validation Vulnerability

Mozilla Suite and Mozilla Firefox are affected by an input-validation vulnerability because the applications fail to verify input passed to installation objects.

An attacker may be able to exploit this issue to execute malicious code in the context of the affected browser, subsequently facilitating unauthorized access.

Note that this issue was previously reported in BID 13208 (Mozilla Suite Multiple Code Execution, Cross-Site Scripting, And Policy Bypass Vulnerabilities); it has been assigned its own BID.


Privacy Statement
Copyright 2010, SecurityFocus