Remote Code Execution Vulnerability in Mozilla Firefox Debugger

Remote Code Execution Vulnerability in Mozilla Firefox Debugger

CVE-2012-3973 · HIGH Severity

AV:N/AC:H/AU:N/C:C/I:C/A:C

The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and connecting to that service through the HTTPMonitor port.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.