The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2012-11-21T11:00:00
Updated: 2024-08-06T20:28:07.583Z
Reserved: 2012-08-08T00:00:00
Link: CVE-2012-4203
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-11-21T12:55:01.680
Modified: 2017-09-19T01:35:19.807
Link: CVE-2012-4203
Redhat