EvalInSandbox in Mozilla Firefox and Thunderbird prior to 1.5.0.4 allows remote malicious users to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 1.0 |
||
mozilla firefox 1.0.7 |
||
mozilla firefox 1.5 |
||
mozilla thunderbird 1.0.2 |
||
mozilla thunderbird 1.0.3 |
||
mozilla firefox 1.0.1 |
||
mozilla firefox 1.0.2 |
||
mozilla firefox 1.5.0.1 |
||
mozilla thunderbird 1.0.4 |
||
mozilla thunderbird 1.0.5 |
||
mozilla firefox 1.0.5 |
||
mozilla firefox 1.0.6 |
||
mozilla thunderbird 1.0 |
||
mozilla thunderbird 1.0.1 |
||
mozilla thunderbird 1.0.7 |
||
mozilla thunderbird 1.5 |
||
mozilla firefox 1.0.3 |
||
mozilla firefox 1.0.4 |
||
mozilla firefox preview_release |
||
mozilla thunderbird 1.0.6 |