Saturday, May 7

FrSIRT - Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

FrSIRT - Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit
Date : 07/05/2005


FrSIRT Comment - This is a 0day exploit/vulnerability (unpatched).
This code will download/execute a malware without user interaction.

Rated as : Critical
Solution : Disable Javascript
at
Labels: , , , , , , ,

2 comments:

Anonymous said...

FF1.0.2 isn't vulnerable according to the code provided by K-Otic.

Must be something the Mozilla Team added/changed in the 1.0.3 release.

Sat May 07, 10:28:00 PM
Joel Esler said...

Sure! They're called "features". You should be used to them by now. Microsoft has them all the time.

Mon May 09, 07:55:00 AM

Post a Comment

Subscribe to: Post Comments (Atom)

Evernote, Omnifocus, and my productivity

Over the past several years my job here at Cisco Talos has changed drastically.  I took on new roles, which is awesome and exciting, but in ...

  • Offset, Depth, Distance, and Within
    Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so...
  • Evernote, Omnifocus, and my productivity
    Over the past several years my job here at Cisco Talos has changed drastically.  I took on new roles, which is awesome and exciting, but in ...
  • Writing Snort Rules Correctly
    Let me start off by saying I'm not bashing the writer of this article, and I'm trying not to be super critical.  I don't want to...