|Description||Mozilla Firefox before 18.104.22.168 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified "element outside of a document."|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)|
|References||DSA-1337-1, DSA-1338-1, DSA-1339-1, DTSA-45-1, DTSA-47-1, DTSA-51-1|
The information below is based on the following data on fixed versions.