Mozilla Foundation Security Advisory 2005-32

Drag and drop loading of privileged XUL

Announced

March 22, 2005

Reporter

Michael Krax

Impact

Low

Products

Firefox, Mozilla Suite

Fixed in

Firefox 1.0.2
Mozilla Suite 1.7.7

Description

A malicious page that could lure a user into dragging something (such as a fake scrollbar) can bypass the restriction on opening privileged XUL. The startup scripts in the XUL will run with enhanced privilege, though the actions taken upon merely opening most XUL are benign. So far no way to run arbitrary code supplied by the attacker has been found, but this could be a stepping-stone to future attacks.

Workaround

Disable Javascript. Upgrade to the fixed version.

References

http://mikx.de/firescrolling2/
https://bugzilla.mozilla.org/show_bug.cgi?id=285438
CAN-2005-0401

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Firefox Relay

MDN Plus

Fakespot

Mozilla Manifesto

Mozilla Foundation

Leadership

Get involved

Careers

Mozilla Blog

Impact

Firefox Developer Edition

MDN Web Docs

Mozilla Innovation Projects

Common Voice