Mozilla Firefox CVE-2013-1737 Weak Authentication Vulnerability

description-logoDescription

Mozilla developer Boris Zbarsky reported that user-defined getters on DOM proxies would incorrectly get the expando object as this. It is unlikely that this is directly exploitable but could lead to JavaScript client or add-on code making incorrect security sensitive decisions based on hacker supplied values.

affected-products-logoAffected Applications

Firefox
Firefox ESR

CVE References

CVE-2013-1737