CVE-2010-1585

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.5.17 Mozilla Firefox versions 3.6.x prior to 3.6.14 Thunderbird versions prior to 3.1.8 SeaMonkey versions prior to 2.0.12

Description The issue arises from the nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism, which fails to properly sanitize HTML in a chrome document. This allows remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension. For example, this can be achieved by using a javascript:alert sequence in the HREF attribute of an A element or the ACTION attribute of a FORM element.

Recommendations For Mozilla Firefox versions prior to 3.5.17, update to version 3.5.17 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.14, update to version 3.6.14 or later. For Thunderbird versions prior to 3.1.8, update to version 3.1.8 or later. For SeaMonkey versions prior to 2.0.12, update to version 2.0.12 or later.