Mozilla Foundation Security Advisory 2010-21

Arbitrary code execution with Firebug XMLHttpRequestSpy

Announced

March 30, 2010

Reporter

moz_bug_r_a4

Impact

High

Products

Firefox, SeaMonkey

Fixed in

Firefox 3.0.19
Firefox 3.5.8
SeaMonkey 2.0.3

Description

Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High.

This vulnerability does not affect Firefox 3.6

References

https://bugzilla.mozilla.org/show_bug.cgi?id=504021
CVE-2010-0179

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Firefox Relay

MDN Plus

Fakespot

Mozilla Manifesto

Mozilla Foundation

Leadership

Get involved

Careers

Mozilla Blog

Impact

Firefox Developer Edition

MDN Web Docs

Mozilla Innovation Projects

Common Voice

Mozilla Foundation Security Advisory 2010-21

Arbitrary code execution with Firebug XMLHttpRequestSpy

Description

References