Vulnerability Note VU#968814
According to Mozilla Foundation Security Advisory 2006-28:
The security check in js_ValueToFunctionObject() can be bypassed by clever use of setTimeout() and the new Firefox 1.5 array method ForEach. shutdown demonstrated how to leverage this into a privilege escalation vulnerability that would allow the installation of malware.
A remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system.
If you are a vendor and your product is affected, let
|Vendor||Status||Date Notified||Date Updated|
|Mozilla, Inc.||Affected||-||17 Apr 2006|
|Red Hat, Inc.||Not Affected||-||17 May 2006|
This vulnerability was reported in
Mozilla Foundation Security Advisory
This document was written by Jeff Gennari.
13 Apr 2006
Date First Published:
17 Apr 2006
Date Last Updated:
17 May 2006
If you have feedback, comments, or additional information about this vulnerability, please send us email.