Ubuntu
firefox package

Vulnerability enabling creation of arbitrary files with javascript

Bug #16536 reported by Dr. Stefan Schimanski
8
Affects Status Importance Assigned to Milestone
firefox (Ubuntu)
Invalid
Critical
Thom May

Bug Description

Also found at: https://bugzilla.mozilla.org/show_bug.cgi?id=290036
Seems to be fixed in official Firefox 1.0.3. Reproducable on Hoary with
mozilla-firefox 1.0.2-0ubuntu5 using the example from
http://www.mikx.de/firelinking/#. It is easy to modify this to create ~/.profile
with malicious content which might make all your harddisk space problems to go
away on next login.

http://www.mikx.de/firelinking/#: http://www.mikx.de/firelinking/#

See original description
Revision history for this message
Thom May (thombot) wrote :

This bug has been marked as a duplicate of bug 16231.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.