X

The Third Party Vulnerability Resolution Blog covers CVEs and patches in Systems product suite.

Sun Alert 103011 Security Vulnerability in Mozilla 1.7 May Allow Arbitrary JavaScript Commands to be Run

Guest Author
Product: Mozilla v1.7

A remote code execution vulnerability in Mozilla 1.7 may allow a remote user who has created a web page visited by a local user using Mozilla, or who has sent a specially crafted e-mail read by a local user using Mozilla to execute arbitrary JavaScript commands with the privileges of that user.

This vulnerability is described in the following Mozilla advisory:

http://www.mozilla.org/security/announce/2006/mfsa2006-67.html

This issue is also described in the following documents:

CVE-2006-5463 at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5463

CERT VU#714496 at http://www.kb.cert.org/vuls/id/714496

CERT Technical Cyber Security Alert TA06-312A at http://www.us-cert.gov/cas/techalerts/TA06-312A.html

Avoidance: Patch
State: Resolved
First released: 24-Jul-2007

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.