Access Control Bypass Vulnerability in Mozilla Firefox and Thunderbird

Access Control Bypass Vulnerability in Mozilla Firefox and Thunderbird

CVE-2011-3655 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.

Learn more about our Web App Pen Testing.