OSVDB ID: 85003 Title: Mozilla Multiple Product Web Console eval() Remote Code Execution |
Info |
|
|
Dates |
||||
|
|
Description |
Multiple Mozilla products contain a flaw that is triggered by an error in eval() in the web console. This may allow a remote attacker to execute arbitrary code. No further details have been provided. |
Classification |
Location:
Context Dependent
Attack Type: Input Manipulation Impact: Loss of Integrity Solution: Upgrade Exploit: Exploit Private Disclosure: Vendor Verified, Coordinated Disclosure OSVDB: Web Related |
Solution |
Upgrade Firefox and Thunderbird to version 15 or higher (10.0.7 for ESR) or SeaMonkey to version 2.12 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
|
Credit |
Unknown or Incomplete |