Mozilla Products: Debugger can bypass XrayWrappers with JavaScript - mfsa2014-47 (Mac OS X)| ID: oval:org.secpod.oval:def:17844 | Date: (C)2014-05-08 (M)2023-11-18 |
| Class: PATCH | Family: macos |
Mozilla developer Boris Zbarsky discovered that the debugger will work with some objects while bypassing XrayWrappers. This could lead to privilege escalation if the victim used the debugger to interact with a malicious page.
| Platform: |
| Apple Mac OS 14 |
| Apple Mac OS 13 |
| Apple Mac OS 12 |
| Apple Mac OS 11 |
| Apple Mac OS X 10.15 |
| Apple Mac OS X 10.14 |
| Apple Mac OS X 10.13 |
| Apple Mac OS X 10.11 |
| Apple Mac OS X 10.12 |
| Product: |
| Mozilla SeaMonkey |
| Mozilla Firefox |
