Mozilla Firefox does not properly enforce domain restrictions on content sent by external applications, allowing a remote attacker to execute code on a vulnerable system.
If Firefox is displaying a privileged chrome: URI, then the external application could cause Firefox to execute arbitrary code.
By convincing a user to open a specially crafted media file, an attacker may be able to execute arbitrary code on a vulnerable system. Other applications that have the ability to send URIs to Firefox may also be used to trigger the vulnerability. Additional impacts are similar to cross-site scripting attacks, as described in CERT Advisory CA-2000-02.
Netscape 8 is configured by default to open external links in new tabs, which prevents exploitation of this vulnerability.
Netscape Communications Corporation
Red Hat Software, Inc.
This vulnerability was reported in Mozilla Foundation Security Advisory 2005-53 . Mozilla credits Michael Krax for providing information regarding this issue.
This document was written by Jeff Gennari and Will Dormann.
|Date First Published:||2005-08-02|
|Date Last Updated:||2005-08-15 12:50 UTC|