Windows can retain access to privileged content on navigation to unprivileged pages — Mozilla

2015-03-3100:00:00

Mozilla Foundation

www.mozilla.org

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.397

Percentile

97.3%

JSON

Mozilla developer Bobby Holley reported that windows created to hold privileged UI content retained access to privileged internal methods if later navigated to unprivileged content. If a separate flaw was found that allowed for web content to reference these privileged windows, an attacker could use this reference to navigate them to their own content allowing for an escalation of privilege and arbitrary code execution. On its own, this flaw does not allow for privilege escalation by web content.

Affected configurations

Vulners

Node

mozillafirefoxRange<37

mozillafirefox_osRange<2.2

mozillaseamonkeyRange<2.35

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox_os*cpe:2.3:o:mozilla:firefox_os:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	firefox_os	*	cpe:2.3:o:mozilla:firefox_os::::::::
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::