Mozilla Foundation Security Advisory 2006-36

Title: PLUGINSPAGE privileged JavaScript execution II
Impact: Moderate
Date: June 1, 2006
Reporter: Paul Nickerson
Products: Firefox

Fixed in: Firefox 1.5.0.4

Description

Paul Nickerson reports that the fix for MFSA 2005-34 can be bypassed using nested javascript: URLs, again allowing the attacker to execute privileged code. The attacker must first convince the user to click on the missing-plugin icon in the page or the "Install Missing Plugins..." button in the infobar, and then to click on the "Manual Install" button on the plugin-finder dialog.

Note that the "Manual Install" button is a mechanism for installing software from a site specified by the web page. Many potential victims who have come this far might be convinced to go ahead and install arbitrary software from the attacker's site even without this vulnerability.

Workaround

Do not press the "Manual Install" button on the Firefox plugin finder. Instead use a search engine to find an appropriate plugin for the content.
