The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x prior to 3.0.15 and 3.5.x prior to 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote malicious users to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 3.0.1 |
||
mozilla firefox 3.0.10 |
||
mozilla firefox 3.0.3 |
||
mozilla firefox 3.0.2 |
||
mozilla firefox 3.5.3 |
||
mozilla firefox 3.0.5 |
||
mozilla firefox 3.0.4 |
||
mozilla firefox 3.5.1 |
||
mozilla firefox 3.5.2 |
||
mozilla firefox 3.0.13 |
||
mozilla firefox 3.0.6 |
||
mozilla firefox 3.0.9 |
||
mozilla firefox 3.0 |
||
mozilla firefox 3.0.11 |
||
mozilla firefox 3.0.12 |
||
mozilla firefox 3.0.7 |
||
mozilla firefox 3.0.8 |