Mozilla Foundation Security Advisory 2007-21

Privilege escallation using an event handler attached to an element not in the document

Announced
July 17, 2007
Reporter
moz_bug_r_a4
Impact
Critical
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 2.0.0.5
  • SeaMonkey 1.1.3

Description

An attacker can use an element outside of a document to call an event handler allowing content to run arbitrary code with chrome privileges.

References