You are here: Known Vulnerabilities in Mozilla Products (Firefox 1.0.5) > MFSA 2005-55

Mozilla Foundation Security Advisory 2005-55

Title: XHTML node spoofing
Severity: High
Reporter: moz_bug_r_a4
Products: Firefox, Mozilla Suite

Fixed in: Firefox 1.0.5
  Mozilla Suite 1.7.10

Description

Parts of the browser UI relied too much on DOM node names without taking different namespaces into account and verifying that nodes really were of the expected type. An XHTML document could be used to create fake <IMG> elements, for example, with content-defined properties that the browser would access as if they were the trusted built-in properties of the expected HTML elements.

The severity of the vulnerability would depend on what the attacker could convince the victim to do, but could result in executing user-supplied script with elevated "chrome" privileges. This could be used to install malicious software on the victim's machine.

Workaround

References