Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2006-43

Privilege escalation using addSelectionListener

Announced
June 1, 2006
Reporter
moz_bug_r_a4
Impact
Critical
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 1.5.0.4
  • SeaMonkey 1.0.2

Description

Web content could access the nsISelectionPrivate interface of the Selection object and use it to add a SelectionListener. The listener would be called when the user did a "Find" on the page or a "select all", and as intended this shouldn't cause any problems. But as with escaping the PAC sandbox in MFSA 2006-31 and content-defined DOM setters in MFSA 2006-37 moz_bug_r_a4 figured a way to leverage the fact that the notifications were created in a privileged context into arbitrary code execution.

Workaround

Disable JavaScript until you've upgraded to a fixed version.

References