Download Firefox

Firefox is no longer supported on Windows 8.1 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox is no longer supported on macOS 10.14 and below.

Please download Firefox ESR (Extended Support Release) to use Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2005-31

Arbitrary code execution from Firefox sidebar panel

Announced
March 22, 2005
Reporter
Kohei Yoshino
Risk
Moderate
Impact
Critical
Products
Firefox
Fixed in
  • Firefox 1.0.2

Description

If a user bookmarked a malicious page as a Firefox sidebar panel that page could execute arbitrary programs by opening a privileged page and injecting javascript into it.

Workaround

Do not add sidebar panels. Upgrade to fixed version

References