Saturday, May 7

FrSIRT - Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

FrSIRT - Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit


Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

Date : 07/05/2005




FrSIRT Comment - This is a 0day exploit/vulnerability (unpatched).

This code will download/execute a malware without user interaction.


Rated as : Critical

Solution : Disable Javascript
at
Labels: , , , , , , ,

4 comments:

pilgrim said...

FF1.0.2 isn't vulnerable according to the code provided by K-Otic.

Must be something the Mozilla Team added/changed in the 1.0.3 release.

Sat May 07, 05:28:00 PM
pilgrim said...

FF1.0.2 isn't vulnerable according to the code provided by K-Otic. Must be something the Mozilla Team added/changed in the 1.0.3 release.

Sat May 07, 10:28:00 PM
Joel Esler said...

Sure! They're called "features". You should be used to them by now. Microsoft has them all the time.

Mon May 09, 02:55:00 AM
Joel Esler said...

Sure! They're called "features". You should be used to them by now. Microsoft has them all the time.

Mon May 09, 07:55:00 AM

Post a Comment

Subscribe to: Post Comments (Atom)

Evernote, Omnifocus, and my productivity

Over the past several years my job here at Cisco Talos has changed drastically.  I took on new roles, which is awesome and exciting, but in ...

  • Offset, Depth, Distance, and Within
    Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so...
  • Writing Snort Rules Correctly
    Let me start off by saying I'm not bashing the writer of this article, and I'm trying not to be super critical.  I don't want to...
  • Evernote, Omnifocus, and my productivity
    Over the past several years my job here at Cisco Talos has changed drastically.  I took on new roles, which is awesome and exciting, but in ...