Bugtraq mailing list archives

Re: Firefox 1.5.0.3 code execution exploit

From: Daniel Veditz <dveditz () cruzio com>
Date: Sun, 07 May 2006 10:15:50 -0700

Nothing new, that's the issue described by Secunia at
http://secunia.com/advisories/19698/

Firefox won't run executable types, so "code execution" would require
knowing a code execution vulnerability in a common media handler. If
you've got one of those you could put it directly on the page in an
<embed> or <object> tag, right? No need to futz with telling the victim
to right-click and select "view image".

yesn () anon com wrote:

try this with Firefox 1.5.0.3
»www.gavinsharp.com/tmp/ImageVuln.html

Current thread:

Firefox 1.5.0.3 code execution exploit yesn (May 06)
- Re: Firefox 1.5.0.3 code execution exploit James_gmail-ij (May 10)
- Re: Firefox 1.5.0.3 code execution exploit Flavio Visentin (May 10)
- Re: Firefox 1.5.0.3 code execution exploit Daniel Veditz (May 10)
- Re: Firefox 1.5.0.3 code execution exploit Ismail Donmez (May 10)
- <Possible follow-ups>
- Re: Firefox 1.5.0.3 code execution exploit Juha-Matti Laurio (May 10)