Mozilla Firefox 'window.opener' Property Chrome Privilege Escalation Vulnerability

Mozilla Firefox and SeaMonkey are prone to a privilege-escalation vulnerability.

Attackers can exploit this issue to execute arbitrary code with the object's chrome privileges.

NOTE: This issue was previously covered in BID 37349 (Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities), but has been assigned its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus