Vulnerability Note VU#968814
According to Mozilla Foundation Security Advisory 2006-28:
The security check in js_ValueToFunctionObject() can be bypassed by clever use of setTimeout() and the new Firefox 1.5 array method ForEach. shutdown demonstrated how to leverage this into a privilege escalation vulnerability that would allow the installation of malware.
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.
Systems Affected
|Vendor|Status|Date Notified|Date Updated|
|---|---|---|---|
|Mozilla, Inc.|Affected|-|17 Apr 2006|
|Red Hat, Inc.|Not Affected|-|17 May 2006|
This vulnerability was reported in Mozilla Foundation Security Advisory 2006-28.
This document was written by Jeff Gennari.
- CVE IDs: CVE-2006-1726
- Date Public: 13 Apr 2006
- Date First Published: 17 Apr 2006
- Date Last Updated: 17 May 2006
- Severity Metric: 20.45
- Document Revision: 23