icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Mozilla Firefox 3.5 < 3.5.2 Proxy Response DoS

High

Synopsis

The remote host is affected by a privilege escalation vulnerability.

Description

The installed version of Mozilla Firefox 3.5 is earlier than 3.5.2. Such versions are potentially affected by a privilege-escalation vulnerability. The issues exists when the browser with an add-on implementing a Content Policy opens pages that have a 'Link:' HTTP header. An attacker can exploit this issue to execute arbitrary JavaScript code with chrome privileges.

Solution

Upgrade to Mozilla Firefox 3.5.2/3.0.12 or later.