Vulnerability Note VU#914681
Mozilla Firefox fails to properly sanitize user-supplied URIs via shell script
A lack of input validation in a supplemental shell script included with some Mozilla browsers may allow a remote, unauthenticated attacker to execute arbitrary commands.
The Linux versions of the Mozilla Firefox and Mozilla Suite web browsers include a wrapper shell script for invoking the browser on URIs supplied by external applications. This shell script fails to sanitize shell metacharacters from the supplied URI parameters before using them to construct a shell command. By sending a specially crafted URI to a user of an application configured to invoke this shell script, a remote, unauthenticated attacker may be able to execute arbitrary commands on the vulnerable system.
This issue only affects Linux systems using the supplied firefox or mozilla shell scripts or other Unix-like systems specifically configured to use these scripts.
A remote, unauthenticated attacker may be able to execute arbitrary commands with the privileges of the user of the application which invoked the vulnerable shell script.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Mozilla, Inc.||Affected||-||22 Dec 2005|
|Red Hat, Inc.||Affected||-||22 Dec 2005|
CVSS Metrics (Learn More)
Thanks to Peter Zelezny for reporting this vulnerability.
This document was written by Chad R Dougherty.
- CVE IDs: CVE-2005-2968
- Date Public: 20 Sep 2005
- Date First Published: 22 Sep 2005
- Date Last Updated: 22 Dec 2005
- Severity Metric: 12.15
- Document Revision: 22
If you have feedback, comments, or additional information about this vulnerability, please send us email.