A vulnerability affecting Firefox versions previous to 22.214.171.124 is caused by the "-chrome" parameter allowing remote attackers to run code with the current user's privileges. When exploited, the remote attacker can install malware, steal data, or simply corrupt the user's system.
The solution is to update to Firefox version 126.96.36.199. There is also a workaround: use the NoScript add-on with Firefox.
Posted by Kitch Spicer on September 19, 2007, in Handlers Log.