Mozilla Thunderbird CVE-2013-1737 Weak Authentication Vulnerability
Description
Mozilla developer Boris Zbarsky reported that user-defined getters on DOM proxies would incorrectly get the expando object as this. It is unlikely that this is directly exploitable but could lead to JavaScript client or add-on code making incorrect security sensitive decisions based on hacker supplied values.
Affected Applications
Thunderbird