[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Firefox 1.5.0.3 code execution exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Firefox 1.5.0.3 code execution exploit
From: Daniel Veditz <dveditz@xxxxxxxxxx>
Date: Sun, 07 May 2006 10:15:50 -0700

Nothing new, that's the issue described by Secunia at
http://secunia.com/advisories/19698/

Firefox won't run executable types, so "code execution" would require
knowing a code execution vulnerability in a common media handler. If
you've got one of those you could put it directly on the page in an
<embed> or <object> tag, right? No need to futz with telling the victim
to right-click and select "view image".

yesn@xxxxxxxx wrote:
> try this with Firefox 1.5.0.3
> »www.gavinsharp.com/tmp/ImageVuln.html

References:
- Firefox 1.5.0.3 code execution exploit
  - From: yesn

Prev by Date: Re: phpBB 2.0.20 Full Path Disclosure and SQL Errors
Next by Date: UBlog Remote XSS Exploit
Previous by thread: Re: Firefox 1.5.0.3 code execution exploit
Next by thread: Re: Firefox 1.5.0.3 code execution exploit
Index(es):
- Date
- Thread