Arbitrary Code Execution via Popup Blocker Bypass in Firefox and Mozilla Suite

Arbitrary Code Execution via Popup Blocker Bypass in Firefox and Mozilla Suite

CVE-2005-1153 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option.

Learn more about our User Device Pen Test.