A regression error in Mozilla Firefox 2.x prior to 2.0.0.2 and 1.x prior to 1.5.0.10, and SeaMonkey 1.1 prior to 1.1.1 and 1.0 prior to 1.0.8, allows remote malicious users to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla seamonkey |
||
mozilla firefox |
||
debian debian linux 3.1 |