Mozilla Firefox and Thunderbird 1.x prior to 1.5 and 1.0.x prior to 1.0.8, Mozilla Suite prior to 1.7.13, and SeaMonkey prior to 1.0 allows remote malicious users to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 1.0 |
||
mozilla firefox 1.5 |
||
mozilla thunderbird 1.0 |
||
mozilla thunderbird 1.0.1 |
||
mozilla thunderbird 1.5 |
||
mozilla firefox 1.0.3 |
||
mozilla firefox 1.0.4 |
||
mozilla mozilla suite 1.7.6 |
||
mozilla mozilla suite 1.7.7 |
||
mozilla thunderbird 1.0.4 |
||
mozilla thunderbird 1.0.5 |
||
mozilla seamonkey |
||
mozilla thunderbird |
||
mozilla firefox 1.0.5 |
||
mozilla firefox 1.0.6 |
||
mozilla mozilla suite 1.7.8 |
||
mozilla seamonkey 1.0 |
||
mozilla thunderbird 1.0.6 |
||
mozilla firefox 1.0.1 |
||
mozilla firefox 1.0.2 |
||
mozilla mozilla suite 1.7.10 |
||
mozilla mozilla suite 1.7.11 |
||
mozilla thunderbird 1.0.2 |
||
mozilla thunderbird 1.0.3 |
||
mozilla firefox |
||
mozilla mozilla suite |