CAN-2005-2968: Arbitrary code execution in Firefox and Mozilla

Eric Dorland eric at debian.org
Wed Sep 21 19:37:54 UTC 2005


* Mike Hommey (mh at glandium.org) wrote:
> On Wed, Sep 21, 2005 at 06:17:15AM +0200, Martin Schulze
> <joey at infodrom.org> wrote:
> > ======================================================
> > Candidate: CAN-2005-2968
> > URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2968
> > Final-Decision:
> > Interim-Decision:
> > Modified:
> > Proposed:
> > Assigned: 20050919
> > Category: SF
> > Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=307185
> > Reference: SECUNIA:16869
> > Reference: URL:http://secunia.com/advisories/16869
> > 
> > Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary
> > commands via shell metacharacters in a URL that is provided to the
> > browser on the command line, which is sent unfiltered to bash.
> 
> AFAICS this one doesn't apply to Debian's firefox, whose script is not
> the upstream one and does some command line filtering.

Absolutely true, but any sort of security audit of our own script
would be most welcome. 

-- 
Eric Dorland <eric at kuroneko.ca>
ICQ: #61138586, Jabber: hooty at jabber.com
1024D/16D970C6 097C 4861 9934 27A0 8E1C  2B0A 61E9 8ECF 16D9 70C6

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ 
O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ 
G e h! r- y+ 
------END GEEK CODE BLOCK------
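
Added example, not part of the original message and not the upstream or Debian launcher script: the class of bug the CVE entry describes, a URL re-parsed by the shell, next to a quoted hand-off and an allow-list check of the kind an audit of a wrapper script would look for. The function names, the `fake_browser` stand-in, the scheme list and the sample URL are all assumptions made for illustration.

```sh
#!/bin/sh
# Added example: constructed wrapper functions, not the Mozilla or Debian script.
LC_ALL=C; export LC_ALL   # byte-wise character ranges in the patterns below

# Hypothetical stand-in for the browser binary: reports the argument it received.
fake_browser() { printf 'ARG=[%s]\n' "$1"; }

# Weak pattern: the URL is pasted into a string that the shell parses a second
# time, so metacharacters inside it are treated as shell syntax.
launch_reparsed() { eval "fake_browser $1"; }

# Hardened pattern: the URL stays one quoted word and is never re-parsed.
launch_quoted() { fake_browser "$1"; }

# Defense in depth: reject any character outside a URL allow-list, then
# require an expected scheme (the scheme list here is an assumption).
is_acceptable_url() {
    case $1 in
        *[!A-Za-z0-9:/?#@!\&=+,.%~_-]*) return 1 ;;
    esac
    case $1 in
        http://*|https://*|ftp://*|file:///*) return 0 ;;
    esac
    return 1
}

launch_checked() {
    if is_acceptable_url "$1"; then
        fake_browser "$1"
    else
        printf 'rejected: unexpected character or scheme\n' >&2
        return 2
    fi
}

# Constructed sample input; the substitution only echoes a marker word.
sample='http://example.invalid/$(echo INJECTED)'
launch_reparsed "$sample"          # marker is executed and spliced in
launch_quoted "$sample"            # URL arrives byte-for-byte
launch_checked "$sample" || true   # refused before the browser is started
```

When reviewing a launcher script, the things to search for are `eval`, backticks, `sh -c` and unquoted `$@` or `$1` anywhere on the path between the command line and the final `exec`.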


More information about the pkg-mozilla-maintainers mailing list