Arbitrary Code Execution via Standalone Applications in Firefox
CVE-2005-2267 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone application loads a privileged chrome: URL.
Learn more about our Cis Benchmark Audit For Google Chrome.