FireFox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote attackers to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-2005-0527, aka "Firescrolling 2."
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2005-03-24T05:00:00
Updated: 2017-10-10T00:57:01
Reserved: 2005-02-14T00:00:00
Link: CVE-2005-0401
JSON object: View
NVD Information
Status : Modified
Published: 2005-05-02T04:00:00.000
Modified: 2018-05-03T01:29:28.397
Link: CVE-2005-0401
JSON object: View
Redhat Information
No data.
CWE