CVE-2009-2471

Metadata

CVE-2009-2471
10.0
lists.opensuse.org, lists.opensuse.org, rhn.redhat.com, mozilla.org, securityfocus.com, vupen.com, bugzilla.mozilla.org, redhat.com
2009-07-22
2017-09-21 21:07

Description

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.

Related Vulnerabilities

platform vulnerability
CVE-2009-2471 xulrunner
CVE-2009-2471