 |
|
|
|
| From: | MOZILLA | | Date: | 14.11.2008 | | Subject: | Mozilla Foundation Security Advisory 2008-51 |
Mozilla Foundation Security Advisory 2008-51
Title: file: URIs inherit chrome privileges when opened from chrome
Impact: Moderate
Announced: November 12, 2008
Reporter: Luke Bryan
Products: Firefox
Fixed in: Firefox 3.0.4
Description
Security researcher Luke Bryan reported that file: URIs are given chrome privileges when opened in the same tab as a chrome page or privileged about: page. This vulnerability could be used by an attacker to run arbitrary JavaScript with chrome privileges. The severity of this issue was determined to be moderate as it requires an attacker to have malicious code saved locally, then have a user open a chrome: document or privileged about: URI, and then open the malicious file in the same privileged tab.
Firefox 2 is not affected by this issue.
References
* https://bugzilla.mozilla.org/show_bug.cgi?id=447579
* CVE-2008-5015
|
|
|
|
|
|
|
|
