header-logo
Suggest Exploit
vendor:
Mozilla Firefox, Thunderbird, SeaMonkey
by:
Unknown
7.5
CVSS
HIGH
Privilege Escalation
Unknown
CWE
Product Name: Mozilla Firefox, Thunderbird, SeaMonkey
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Privilege Escalation through JavaScript in Mozilla Firefox, Thunderbird, and SeaMonkey

The vulnerability allows JavaScript to execute with unintended privileges. A malicious site can cause the execution of a script with Chrome privileges, allowing attackers to execute hostile script code with privileges that exceed those intended. This issue affects Mozilla Firefox, Thunderbird, and SeaMonkey. Proof of concept code is available.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/25142/info

Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a vulnerability that allows JavaScript to execute with unintended privileges.

A malicious site may be able to cause the execution of a script with Chrome privileges. Attackers could exploit this issue to execute hostile script code with privileges that exceed those that were intended. Certain Firefox extensions may not intend 'about:blank' to execute script code with Chrome privileges.

NOTE: This issue was introduced by the fix for MFSA 2007-20. 

The following proof of concept is available:

w=open("about:blank");alert(1);u="javascript:alert(Components.stack);";w.document.body.innerHTML=u.link(u);w.focus();1 or top.opener.content.location="about:blank";alert(1);u="javascript:alert(Components.stack);";(w=top.opener.content).document.body.innerHTML=u.link(u);w.focus();1