Mozilla Foundation Security Advisory 2005-55

XHTML node spoofing

Announced

July 12, 2005

Reporter

moz_bug_r_a4

Impact

High

Products

Firefox, Mozilla Suite

Fixed in

Firefox 1.0.5
Mozilla Suite 1.7.10

Description

Parts of the browser UI relied too much on DOM node names without taking different namespaces into account and verifying that nodes really were of the expected type. An XHTML document could be used to create fake <IMG> elements, for example, with content-defined properties that the browser would access as if they were the trusted built-in properties of the expected HTML elements.

The severity of the vulnerability would depend on what the attacker could convince the victim to do, but could result in executing user-supplied script with elevated "chrome" privileges. This could be used to install malicious software on the victim's machine.

Workaround

References

https://bugzilla.mozilla.org/show_bug.cgi?id=298892

Firefox for Desktop

Firefox for iOS

Firefox for Android

Firefox Focus

Firefox blog

Mozilla VPN

Mozilla Monitor

Firefox Relay

Pocket

MDN Plus

Fakespot

Thunderbird

About Mozilla

The Mozilla Manifesto

Get Involved

Innovation Projects

Blog

Mozilla Foundation

Mozilla.ai

Mozilla Ventures

Mozilla Advertising