Arbitrary Code Execution via Standalone Applications in Firefox

Arbitrary Code Execution via Standalone Applications in Firefox

CVE-2005-2267 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.

Learn more about our Cis Benchmark Audit For Google Chrome.