Pavel Penaz

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 1.0.x through 1.0.7 Mozilla Firefox versions 1.x through 1.4 Mozilla Thunderbird versions 1.0.x through 1.0.7 Mozilla Thunderbird versions 1.x through 1.4 Mozilla Suite versions prior to 1.7.13 SeaMonkey versions prior to 1.0 Description: The issue is related to the CSS border-rendering code, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that cause an out-of-bounds array write and buffer overflow. Recommendations: For Mozilla Firefox versions 1.0.x through 1.0.7, update to version 1.0.8 or later. For Mozilla Firefox versions 1.x through 1.4, update to version 1.5 or later. For Mozilla Thunderbird versions 1.0.x through 1.0.7, update to version 1.0.8 or later. For Mozilla Thunderbird versions 1.x through 1.4, update to version 1.5 or later. For Mozilla Suite versions prior to 1.7.13, update to version 1.7.13 or later. For SeaMonkey versions prior to 1.0, update to version 1.0 or later.

Name of the Vulnerable Software and Affected Versions: Firefox version 1.0.3 Description: The issue allows remote attackers to execute arbitrary Javascript in other domains. This is achieved by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution. Recommendations: For Firefox version 1.0.3, update to a newer version to mitigate the risk.

Name of the Vulnerable Software and Affected Versions: Firefox version 1.0.3 Description: The issue allows remote web sites on the browser's whitelist to execute arbitrary Javascript with chrome privileges. This can lead to arbitrary code execution on the system when combined with other vulnerabilities. The exploitation can be demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site. Recommendations: For Firefox version 1.0.3, consider restricting access to the `install` function until a patch is available. As a temporary workaround, avoid using the `javascript:` URL scheme for package icons to minimize the risk of exploitation.