You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2011-15

Mozilla Foundation Security Advisory 2011-15

Title: Escalation of privilege through Java Embedding Plugin
Impact: Critical
Announced: April 28, 2011
Reporter: David Remahl
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.6.17
  Firefox 3.5.19
  SeaMonkey 2.0.14

Description

David Remahl of Apple Product Security reported that the Java Embedding Plugin (JEP) shipped with the Mac OS X versions of Firefox could be exploited to obtain elevated access to resources on a user's system.

Firefox 4 was not affected by this issue.

References