newsbot
15-07-2010, 06:00 PM
Mozilla recently discovered a security escalation vulnerability in the 3.0.1 version of the popular CoolPreviews add-on.
The vulnerability can be exploited with a specially crafted link, which forces the add-on to execute remote JavaScript code if the user hovers the cursor over the link. More information is available at the Mozilla Add-ons blog (http://blog.mozilla.com/addons/2010/07/13/add-on-security-announcement/).
Firefox users with the CoolPreviews add-on are advised to upgrade to the latest 3.1.0625 (https://addons.mozilla.org/en-US/firefox/addon/2207/) version as soon as possible. Other known issues resolved with the update are listed on the CoolPreviews site (http://www.coolpreviews.com/firefox/issues_cp_ff.php). On 15/07/10 At 02:49 AM
**Hidden Content: Check the thread to see hidden data.**
The vulnerability can be exploited with a specially crafted link, which forces the add-on to execute remote JavaScript code if the user hovers the cursor over the link. More information is available at the Mozilla Add-ons blog (http://blog.mozilla.com/addons/2010/07/13/add-on-security-announcement/).
Firefox users with the CoolPreviews add-on are advised to upgrade to the latest 3.1.0625 (https://addons.mozilla.org/en-US/firefox/addon/2207/) version as soon as possible. Other known issues resolved with the update are listed on the CoolPreviews site (http://www.coolpreviews.com/firefox/issues_cp_ff.php). On 15/07/10 At 02:49 AM
**Hidden Content: Check the thread to see hidden data.**