Mozilla prior to 1.7, Firefox prior to 0.9, and Thunderbird prior to 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla mozilla |
||
mozilla thunderbird |