Mozilla · Firefox · CVE-2012-4203
**Name of the Vulnerable Software and Affected Versions**
Mozilla Firefox versions prior to 17.0
**Description**
The issue concerns the New Tab page in Mozilla Firefox, where JavaScript code executed by bookmarklets uses a privileged context. This allows remote attackers to run arbitrary programs if they can trick a user into using a javascript: URL in a bookmark.
**Recommendations**
For versions prior to 17.0, update to version 17.0 or later to resolve the issue.