Mozilla Firefox URLBar Null Byte File Remote Code Execution Vulnerability

TITLE: Mozilla Firefox URLBar Null Byte File Remote Code Execution Vulnerability
CLASS: Input Validation Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 12 2007 12:00AM
UPDATE: Jun 13 2007 05:09PM
CREDIT: 0x000000 is credited with discovering this vulnerability.
VULNERABLE:

Mozilla Firefox 2.0 3
Mozilla Firefox 2.0 .4
Mozilla Firefox 2.0 .1
Mozilla Firefox 1.5 beta 2
Mozilla Firefox 1.5 beta 1
Mozilla Firefox 1.5 12
Mozilla Firefox 1.5 .8
Mozilla Firefox 1.5 .6
Mozilla Firefox 1.5
Mozilla Firefox 1.5
Mozilla Firefox 1.0.8
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.3
+ Gentoo Linux
Mozilla Firefox 1.0.2
+ MandrakeSoft Linux Mandrake 10.2 x86_64
+ MandrakeSoft Linux Mandrake 10.2
+ MandrakeSoft Linux Mandrake 10.2
+ RedHat Desktop 4.0
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux AS 4
+ RedHat Enterprise Linux AS 4
Mozilla Firefox 1.0.1
+ RedHat Fedora Core3
Mozilla Firefox 1.0
+ Gentoo Linux
+ Gentoo Linux
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 9.0
+ Slackware Linux 10.1
+ Slackware Linux 10.0
+ Slackware Linux 10.0
+ Slackware Linux 9.1
+ Slackware Linux 9.1
+ Slackware Linux -current
+ Slackware Linux -current
Mozilla Firefox 0.10.1
Mozilla Firefox 0.10
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9 rc
Mozilla Firefox 0.9
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0 RC3
Mozilla Firefox 2.0 RC2
Mozilla Firefox 2.0 beta 1
Mozilla Firefox 2.0
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.1

NOT VULNERABLE:

Vai alla pagina originale su Security Focus

Discussion

Mozilla Firefox is prone to a remote code-execution vulnerability because it fails to adequately sanitize user-supplied input.

Attackers may exploit this issue by enticing victims into visiting a malicious site and followings links with improper file extensions.

Successful exploits may allow an attacker to crash the application or execute arbitrary code in the context of the affected application. Other attacks are also possible.

Exploit

An attacker may exploit this issue by enticing victims into visiting a malicious site.

A sample exploit has been provided:

• /data/vulnerabilities/exploits/24447.html

Solution

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.

References

References:

• Firefox Remote & Local Code Excution 0day. (0x000000)
  
• Mozilla Homepage (Mozilla)
  

PhpLog