Lucene search
FreeBSD2E28CEFB-2AEE-11DA-A263-0001020EED82HistorySep 06, 2005 - 12:00 a.m.
firefox & mozilla -- command line URL shell command injection
2005-09-0600:00:00
vuxml.freebsd.org
10
0.962 High
EPSS
Percentile
99.5%
A Secunia Advisory reports:
Peter Zelezny has discovered a vulnerability in Firefox,
which can be exploited by malicious people to compromise a
user’s system.
The vulnerability is caused due to the shell script used
to launch Firefox parsing shell commands that are enclosed
within backticks in the URL provided via the command
line. This can e.g. be exploited to execute arbitrary
shell commands by tricking a user into following a
malicious link in an external application which uses
Firefox as the default browser.
Related
ubuntu
ubuntu
Mozilla and Firefox vulnerabilities
2005-09-23 00:00:00
Thunderbird vulnerabilities
2005-10-11 00:00:00
checkpoint_advisories
checkpoint_advisories
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
Debian: Security Advisory (DSA-868-1)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2005-2968
2005-09-20 04:00:00
nessus
nessus
FreeBSD : firefox & mozilla -- command line URL shell command injection (2e28cefb-2aee-11da-a263-0001020eed82)
2006-05-13 00:00:00
Fedora Core 3 : thunderbird-1.0.7-1.1.fc3 (2005-962)
2005-10-05 00:00:00
Fedora Core 4 : thunderbird-1.0.7-1.1.fc4 (2005-963)
2005-10-05 00:00:00
cve
cve
CVE-2005-2968
2005-09-20 22:03:00
securityvulns
securityvulns
Firefox Command Line URL Shell Command Injection
2005-09-21 00:00:00
ubuntucve
ubuntucve
CVE-2005-2968
2005-09-20 00:00:00
cert
cert
redhat
redhat
(RHSA-2005:791) thunderbird security update
2005-10-06 00:00:00
(RHSA-2005:785) firefox security update
2005-09-22 00:00:00
centos
centos
thunderbird security update
2005-10-06 23:10:29
firefox security update
2005-09-22 22:46:14
debian
debian
osv
osv
mozilla-thunderbird - several
2005-10-20 00:00:00
mozilla - several
2005-10-20 00:00:00