Mozilla.Browsers.CSS.Moz-binding.XSS
Description
This indicates a possible exploit of a cross-site scripting (XSS) vulnerability in Mozilla.
This flaw is due to an origin validation error when processing certain CSS (Cascading Style Sheets) and HTML documents, containing a specially crafted "-moz-binding" property used in conjunction with the extensible binding language (XBL).
Affected Products
Mozilla Firefox 1.5 beta 2
Mozilla Firefox 1.5 beta 1
Mozilla Firefox 1.5
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
Impact
System compromise.
Recommended Actions
Mozilla Firefox Download Web page, Firefox - Rediscover the web at http://www.mozilla.org/products/firefox/.
Mozilla Suite Web page, Mozilla Suite- The All-in-One Internet Application Suite at
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |