The host is installed with Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14 or Mozilla SeaMonkey before 2.0.12 and is prone to an escalation of privilege vulnerability. A flaw is present in the applications which fails to properly handle certain recursive eval calls. Successful exploitation allows remote attacker to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges.