Skip to main content

Mozilla Foundation Security Advisory 2005-37

Title: Code execution through javascript: favicons
Severity: Critical
Reporter: Michael Krax
Products: Firefox, Mozilla Suite

Fixed in: Firefox 1.0.3
  Mozilla Suite 1.7.7

Description

Firefox and the Mozilla Suite support custom "favicons" through the <LINK rel="icon"> tag. If a link tag is added to the page programmatically and a javascript: url is used, then script will run with elevated privileges and could run or install malicious software.

Workaround

Disable javascript.

References

http://www.mikx.de/firelinking/
https://bugzilla.mozilla.org/show_bug.cgi?id=290036