Full Disclosure mailing list archives

Re: Found a lot of sites exploiting Firefox URI vulnerability!!! - part 2

From: Daniel Veditz <dveditz () cruzio com>
Date: Mon, 13 Aug 2007 11:09:49 -0700

carl hardwick wrote:

Found a lof of sites exploiting Firefox URI vulnerability!!!


Maybe I'm getting to these sites after they've been cleaned up, or maybe
I'm just missing it, but what exactly are they exploiting and how? I don't
see anything that looks like the recent announced Firefox URI problems (no
firefoxurl: URIs, no %00 or double-quotes in URIs). One site did try to
download a probably-malicious "codec.exe", but that was a simple
"location=" trick that works on any browser (a save dialog came up).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Found a lot of sites exploiting Firefox URI vulnerability!!! - part 2 carl hardwick (Aug 13)
- Re: Found a lot of sites exploiting Firefox URI vulnerability!!! - part 2 Daniel Veditz (Aug 13)
- <Possible follow-ups>
- Found a lot of sites exploiting Firefox URI vulnerability!!! - part 2 carl hardwick (Aug 14)