CVE-2005-2267

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 1.0.5

Description: The issue allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL. This URL is run in the context of the previous page and may lead to code execution if the standalone application loads a privileged chrome: URL.

Recommendations: For Firefox versions prior to 1.0.5, update to version 1.0.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of javascript: URLs in standalone applications to minimize the risk of exploitation.