You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2010-38

Mozilla Foundation Security Advisory 2010-38

Title: Arbitrary code execution using SJOW and fast native function
Impact: Critical
Announced: July 20, 2010
Reporter: moz_bug_r_a4
Products: Firefox, Thunderbird

Fixed in: Firefox 3.6.7
  Thunderbird 3.1.1

Description

Mozilla security researcher moz_bug_r_a4 reported that when content script which is running in a chrome context accesses a content object via SJOW, the content code can gain access to an object from the chrome scope and use that object to run arbitrary JavaScript with chrome privileges.

Firefox 3.5 and other Mozilla products built from Gecko 1.9.1 were not affected by this issue.

References