You are here: Known Vulnerabilities in Mozilla Products (Firefox 1.0.2) > MFSA 2005-31
Mozilla Foundation Security Advisory 2005-31
Title: Arbitrary code execution from Firefox sidebar panel
Severity: Critical
Risk: Moderate
Reporter: Kohei Yoshino
Products: Firefox
Fixed in: Firefox 1.0.2
Description
If a user bookmarked a malicious page as a Firefox sidebar panel that page could execute arbitrary programs by opening a privileged page and injecting javascript into it.
Workaround
Do not add sidebar panels. Upgrade to fixed version