You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2012-60

Mozilla Foundation Security Advisory 2012-60

Title: Escalation of privilege through about:newtab
Impact: Critical
Announced: August 28, 2012
Reporter: Mariusz Mlynski
Products: Firefox

Fixed in: Firefox 15

Description

Security researcher Mariusz Mlynski reported that when a page opens a new tab, a subsequent window can then be opened that can be navigated to about:newtab, a chrome privileged page. Once about:newtab is loaded, the special context can potentially be used to escalate privilege, allowing for arbitrary code execution on the local system in a maliciously crafted attack.

References