CVE-2008-5015

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.x before 3.0.4

Description The issue allows user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system. This occurs when a file: URI is accessed in the same tab from a chrome or privileged about: page, assigning chrome privileges to the file.

Recommendations For Mozilla Firefox versions 3.x before 3.0.4, update to version 3.0.4 or later to resolve the issue.