US-CERT Vulnerability Notes Database
Vulnerability Note VU#914681

Mozilla Firefox fails to properly sanitize user-supplied URIs via shell script

Overview

A lack of input validation in a supplemental shell script included with some Mozilla browsers may allow a remote, unauthenticated attacker to execute arbitrary commands.

I. Description

The Linux versions of the Mozilla Firefox and Mozilla Suite web browsers include a wrapper shell script for invoking the browser on URIs supplied by external applications. This shell script fails to sanitize shell metacharacters from the supplied URI parameters before using them to construct a shell command. By sending a specially crafted URI to a user of an application configured to invoke this shell script, a remote, unauthenticated attacker may be able to execute arbitrary commands on the vulnerable system.

This issue affects only Linux systems that use the supplied firefox or mozilla shell scripts, and other Unix-like systems specifically configured to use those scripts. The flaw is in the wrapper script, not in the browser binary it launches.
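The pattern described above, as a constructed illustration added to this page (it is not the Mozilla project's firefox or mozilla script, whose exact text is not reproduced here): a wrapper that splices the caller's URI into a command string and hands it to eval, beside a hardened wrapper that validates the URI and passes it to the browser as a single argv element. The fake_browser stand-in, the scheme allow-list and the sample URIs are assumptions made for the example.

```shell
#!/bin/sh
# Constructed illustration of the wrapper-script flaw in VU#914681.
# NOT the Mozilla project's firefox/mozilla script: it reproduces the pattern
# (URI spliced into a command string that the shell re-parses) beside a
# hardened version. fake_browser stands in for the real browser binary.

# Stand-in for the browser: prints each argument it received on its own line,
# so the output is exactly the argv the wrapper handed to the "browser".
fake_browser() {
    printf '%s\n' "$@"
}

# VULNERABLE: the caller's URI is interpolated into a string that eval then
# parses as shell code. Metacharacters in the URI ($(...), `...`, ;, |) are
# executed with the privileges of the user who launched the wrapper.
vuln_open_url() {
    uri=$1
    eval "fake_browser -remote \"openURL($uri,new-tab)\""
}

# HARDENED: validate the URI, then pass it as one argv element. The shell never
# re-parses it, so any metacharacters are inert data by the time the browser
# sees them. The scheme allow-list below is an assumption for this example,
# not the behaviour of any shipped script.
safe_open_url() {
    uri=$1
    case $uri in
        http://*|https://*|ftp://*) ;;
        *) echo "rejected URI (scheme not allowed): $uri" >&2; return 1 ;;
    esac
    # Delete every character RFC 3986 permits in a URI; whatever survives
    # (space, backtick, quotes, pipe, ...) cannot be part of a valid URI.
    leftover=$(printf '%s' "$uri" | LC_ALL=C tr -d 'A-Za-z0-9._~:/?#@!$&()*+,;=%-')
    if [ -n "$leftover" ]; then
        echo "rejected URI (invalid characters): $uri" >&2
        return 1
    fi
    # No eval, no sh -c: a single argv element, passed verbatim.
    fake_browser -remote "openURL($uri,new-tab)"
}

# Demonstration on constructed input; each printed line is one browser argument.
echo '--- vulnerable wrapper, URI carrying $(echo INJECTED):'
vuln_open_url 'http://example.com/$(echo INJECTED)'
echo '--- hardened wrapper, same URI:'
safe_open_url 'http://example.com/$(echo INJECTED)' || echo '(rejected, exit status 1)'
echo '--- hardened wrapper, URI with $ and parentheses that stay inert:'
safe_open_url 'http://example.com/a$((6*7))'
```

Run it with sh. In the first block of output the command substitution has already executed before the "browser" sees its arguments, which is the remote command execution this note describes; the hardened wrapper rejects that URI because of the embedded space, and passes the third URI through with its dollar sign and parentheses untouched. The essential fix is the last line of safe_open_url: the URI is never re-parsed by a shell. The character check is defence in depth and is deliberately stricter than RFC 3986 (it rejects the apostrophe and IPv6 bracket literals), so widen it if your inputs need those. To check a wrapper script on your own system for the vulnerable pattern, look for eval, or sh -c, applied to a string that embeds "$1" or "$@".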

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary commands with the privileges of the user of the application which invoked the vulnerable shell script.

III. Solution

Upgrade


The Mozilla project has released version 1.0.7 of the Firefox web browser which includes a patch for this issue. Firefox users are encouraged to upgrade to this version of the software.

The Mozilla project has also released version 1.7.12 of the Mozilla Suite product which includes a patch for this issue. Mozilla Suite users are encouraged to upgrade to this version of the software.

Workarounds

On affected systems, do not click on URIs provided by external applications such as email clients; copy and paste the URI into the browser instead, so the wrapper script is never invoked with attacker-controlled input.

Systems Affected

Vendor           Status      Date Updated
Mozilla, Inc.    Vulnerable  22-Dec-2005
Red Hat, Inc.    Vulnerable  22-Dec-2005

References


https://bugzilla.mozilla.org/show_bug.cgi?id=307185
http://secunia.com/advisories/16869/
http://secunia.com/advisories/16846/
http://secunia.com/advisories/16901/
http://www.auscert.org.au/5513

Credit

Thanks to Peter Zelezny for reporting this vulnerability.

This document was written by Chad R Dougherty.

Other Information

Date Public: 09/20/2005
Date First Published: 09/22/2005 04:34:19 PM
Date Last Updated: 12/22/2005
CERT Advisory: (none)
CVE-ID(s): CVE-2005-2968
NVD-ID(s): CVE-2005-2968
US-CERT Technical Alerts: (none)
Metric: 12.15
Document Revision: 22

Produced 2005 by US-CERT, a government organization