Saturday, May 7

FrSIRT - Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

FrSIRT - Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit


Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit

Date : 07/05/2005




FrSIRT Comment - This is a 0day exploit/vulnerability (unpatched).

This code will download/execute a malware without user interaction.


Rated as : Critical

Solution : Disable Javascript
at
Labels: , , , , , , ,

4 comments:

pilgrim said...

FF1.0.2 isn't vulnerable according to the code provided by K-Otic.

Must be something the Mozilla Team added/changed in the 1.0.3 release.

Sat May 07, 05:28:00 PM
pilgrim said...

FF1.0.2 isn't vulnerable according to the code provided by K-Otic. Must be something the Mozilla Team added/changed in the 1.0.3 release.

Sat May 07, 10:28:00 PM
Joel Esler said...

Sure! They're called "features". You should be used to them by now. Microsoft has them all the time.

Mon May 09, 02:55:00 AM
Joel Esler said...

Sure! They're called "features". You should be used to them by now. Microsoft has them all the time.

Mon May 09, 07:55:00 AM

Post a Comment

Subscribe to: Post Comments (Atom)

Call of Duty Error 6034 for the Xbox

Several friends and I play Call of Duty nearly every night.  However, Activision’s most recent multiplayer update broke the heck out of Call...

  • Offset, Depth, Distance, and Within
    Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so...
  • Writing Snort Rules Correctly
    Let me start off by saying I'm not bashing the writer of this article, and I'm trying not to be super critical.  I don't want to...
  • All SANS exams to be proctored?
    What kind of crap is this? "Effective December 1st, 2007, all new GIAC certification attempts and re-certification attempts are require...