XAML injection in yelp
Description
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrome: URIs, which allows remote attackers to execute arbitrary code via vectors involving third-party add-ons.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
| Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
| rpm rhel5 | 0:2.16.0-19.el5 | | |
| rpm rhel5 | 0:2.0.0.16-1.el5 | | |
| rpm rhel5 | 0:0.12-17.el5 | | |
| rpm rhel5 | 0:1.9-1.el5 | | |
| rpm rhel5 | 0:3.0-2.el5 | | |