The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag.
Software | From | Fixed in |
---|---|---|
mozilla / firefox | 0.10 | 0.10.x |
mozilla / firefox | 0.10.1 | 0.10.1.x |
mozilla / firefox | 0.8 | 0.8.x |
mozilla / firefox | 0.9 | 0.9.x |
mozilla / firefox | 0.9-rc | 0.9-rc.x |
mozilla / firefox | 0.9.1 | 0.9.1.x |
mozilla / firefox | 0.9.2 | 0.9.2.x |
mozilla / firefox | 0.9.3 | 0.9.3.x |
mozilla / firefox | 1.0 | 1.0.x |
mozilla / firefox | 1.0.1 | 1.0.1.x |
mozilla / firefox | 1.0.2 | 1.0.2.x |