Use the eval function to use malicious code

Hi malware fighters,

Do you have a T-shirt where it reads: “Eval is evil” and next to it: “Script is bound to happen!”.
If you evaluate your Firefox or Flock component’s JS scripts through running them through the nice program ScriptSentry the file known as “crashrecovery.JS” for instance brings up “use the eval function to use malicious code”. What are the dangers and why and how can this code be turned into an attack vector is explained and you can read here: http://www.codeproject.com/jscript/hostilejsdebug.asp

Run all code that is inside your browser through the ScriptSentry program, and see where the pitfalls inside your browser are, good for you to know where your browser is vulnerably if script is allowed to run, and where the wrong friends of your browser can wreak havoc… About “eval” read this as still actual: http://blogs.msdn.com/ericlippert/archive/2003/11/04/53335.aspx

polonus