FF vulnerability exploited via IE

A vulnerability in Firefox 2 announced this week could allow remote command execution. Only Window versions prior to Vista (XP ->) are affected.

The problem, according to Secunia, is that Firefox registers the “firefoxurl://” URI handler and allows invoking Firefox with arbitrary command line arguments. Using e.g. the “-chrome” parameter it is possible to execute arbitrary JavaScript in chrome context.

This can be exploited to execute arbitrary commands e.g. when a user visits a malicious web site using Microsoft Internet Explorer. The site xs-sniper.com shows examples of how to do this.

The vulnerability was first made known by Thor Larholm. However he believes the problem is related to Internet Explorer as it doesn’t escape the sign when passing data through to the command line.

Solution

Do not browse untrusted sites and disable the “Firefox URL” URI handler OR install the Firefox extension NoScript.

Comments are closed.