Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 0.8 (including) | 0.8 (including) |
Firefox | Mozilla | 0.9 (including) | 0.9 (including) |
Firefox | Mozilla | 0.9-rc (including) | 0.9-rc (including) |
Firefox | Mozilla | 0.9.1 (including) | 0.9.1 (including) |
Firefox | Mozilla | 0.9.2 (including) | 0.9.2 (including) |
Firefox | Mozilla | 0.9.3 (including) | 0.9.3 (including) |
Firefox | Mozilla | 0.10 (including) | 0.10 (including) |
Firefox | Mozilla | 0.10.1 (including) | 0.10.1 (including) |
Firefox | Mozilla | 1.0 (including) | 1.0 (including) |
Firefox | Mozilla | 1.0.1 (including) | 1.0.1 (including) |
Firefox | Mozilla | 1.0.2 (including) | 1.0.2 (including) |