Improper Handling of Recursive eval Calls in Mozilla Firefox and SeaMonkey

Improper Handling of Recursive eval Calls in Mozilla Firefox and SeaMonkey

CVE-2011-0051 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges.

Learn more about our User Device Pen Test.