Mozilla Foundation Security Advisory 2012-104

CSS and HTML injection through Style Inspector

Announced
November 20, 2012
Reporter
Mariusz Mlynski
Impact
Critical
Products
Firefox, Firefox ESR
Fixed in
  • Firefox 17
  • Firefox ESR 10.0.11

Description

Security researcher Mariusz Mlynski reported that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. This can lead to arbitrary code execution.

References