Saturday, May 7

FrSIRT - Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

FrSIRT - Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit
Date : 07/05/2005


FrSIRT Comment - This is a 0day exploit/vulnerability (unpatched).
This code will download/execute a malware without user interaction.

Rated as : Critical
Solution : Disable Javascript

2 comments:

pilgrim said...

FF1.0.2 isn't vulnerable according to the code provided by K-Otic.

Must be something the Mozilla Team added/changed in the 1.0.3 release.

Joel Esler said...

Sure! They're called "features". You should be used to them by now. Microsoft has them all the time.

Evernote, Omnifocus, and my productivity

Over the past several years my job here at Cisco Talos has changed drastically.  I took on new roles, which is awesome and exciting, but in ...