The InstallTrigger.install method in Firefox prior to 1.0.5 and Mozilla prior to 1.7.9 allows remote malicious users to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 0.10 |
||
mozilla firefox 0.10.1 |
||
mozilla firefox 1.0 |
||
mozilla firefox 1.0.1 |
||
mozilla mozilla 1.5 |
||
mozilla mozilla 1.5.1 |
||
mozilla mozilla 1.7 |
||
mozilla mozilla 1.7.1 |
||
mozilla firefox 0.9.1 |
||
mozilla firefox 0.9.2 |
||
mozilla firefox 1.0.4 |
||
mozilla mozilla 1.3 |
||
mozilla mozilla 1.4 |
||
mozilla mozilla 1.6 |
||
mozilla mozilla 1.7.5 |
||
mozilla mozilla 1.7.6 |
||
mozilla firefox 0.8 |
||
mozilla firefox 0.9 |
||
mozilla firefox 1.0.2 |
||
mozilla firefox 1.0.3 |
||
mozilla mozilla 1.7.2 |
||
mozilla mozilla 1.7.3 |
||
mozilla firefox 0.9.3 |
||
mozilla mozilla 1.4.1 |
||
mozilla mozilla 1.7.7 |
||
mozilla mozilla 1.7.8 |