Name | CVE-2007-5338 |
Description | Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DSA-1392-1, DSA-1396-1, DSA-1401-1, DSA-1534-2, DTSA-69-1, DTSA-80-1 |
The information below is based on the following data on fixed versions.