NuytsTech Security

CVE-2012-4203

by ·

The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.

Date published : 2012-11-21

http://www.securityfocus.com/bid/56623

http://www.mozilla.org/security/announce/2012/mfsa2012-95.html

Tags: