Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2005-56

Code execution through shared function objects

Announced
July 12, 2005
Reporter
moz_bug_r_a4, shutdown
Impact
Critical
Products
Firefox, Mozilla Suite
Fixed in
  • Firefox 1.0.5
  • Mozilla Suite 1.7.10

Description

Improper cloning of base objects allowed web content scripts to walk up the prototype chain to get to a privileged object. This could be used to execute code with enhanced privileges.

Workaround

Upgrade to a version containing the fix.

References

Bug details embargoed until August 1, 2005