Remote Code Execution via Search Plugin in Firefox, Mozilla Suite, and Netscape

Remote Code Execution via Search Plugin in Firefox, Mozilla Suite, and Netscape

CVE-2005-1156 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."

Learn more about our Web Application Penetration Testing UK.