CVE-2005-1153

Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option.

Date published : 2005-04-18

http://www.securityfocus.com/bid/15495

http://www.mozilla.org/security/announce/mfsa2005-35.html