Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2013-1688

Source

Mozilla Foundation Security Advisory 2013-52

Arbitrary code execution within Profiler

Announced

June 25, 2013

Reporter

Mariusz Mlynski

Impact

High

Products

Firefox

Fixed in

Firefox 22

Description

Security researcher Mariusz Mlynski reported that when a user examines the profiler output on a malicious website containing specially crafted code, it is possible for arbitrary code execution to occur. This occurs because the profiler user interface runs in a special iframe that parses data from the profiler to render the UI, leaving it susceptible to manipulation.

References

Arbitrary code execution from Profiler (CVE-2013-1688)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Arbitrary code execution within Profiler

Arbitrary code execution within Profiler

Description

References

Vulmon Search

About

Products

Connect