Mozilla Firefox, Mozilla Suite: multiple vulnerabilities
|Created:||April 19, 2005
||Updated:||July 18, 2005|
||The following vulnerabilities were found and fixed in the Mozilla Suite
and Mozilla Firefox:
The following Firefox-specific vulnerabilities have also been
- Vladimir V. Perepelitsa reported a memory disclosure bug in
anonymous function as the replacement argument (CAN-2005-0989).
- moz_bug_r_a4 discovered that Chrome UI code was overly trusting DOM
nodes from the content window, allowing privilege escalation via DOM
- Michael Krax also discovered that malicious Search plugins could
replace existing search plugins.
- shutdown discovered a technique to pollute the global scope of a
window in a way that persists from page to page.
elevated privileges when the user asks to "Show" a blocked popup that
- Finally, Georgi Guninski reported missing Install object instance
- Kohei Yoshino discovered a new way to abuse the sidebar panel to
- Omar Khan reported that the Plugin Finder Service can be tricked to
to post comments)