Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2012-46

XSS through data: URLs

Announced
July 17, 2012
Reporter
moz_bug_r_a4
Impact
High
Products
Firefox, Firefox ESR
Fixed in
  • Firefox 14
  • Firefox ESR 10.0.6

Description

Mozilla security researcher moz_bug_r_a4 reported a cross-site scripting (XSS) attack through the context menu using a data: URL. In this issue, context menu functionality ("View Image", "Show only this frame", and "View background image") are disallowed in a javascript: URL but allowed in a data: URL, allowing for XSS. This can lead to arbitrary code execution.

References