Mozilla Browsers XPCOM Scrollbar Arbitrary Code Execution

2005-02-25T18:55:04
ID OSVDB:14197
Type osvdb
Reporter Michael Krax (mikx@mikx.de)
Modified 2005-02-25T18:55:04

Description

Vulnerability Description

Firefox contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a user downloads a malformed HTML document that includes Firefox XPCOM code performing actions in response to scrollbar actions. The flaw may allow writing to an arbitrary local file.

Solution Description

Upgrade to version 1.0.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=280664
Vendor Specific Advisory URL
Security Tracker: 1013301
Secunia Advisory ID: 14160
Secunia Advisory ID: 15180
Secunia Advisory ID: 14737
RedHat RHSA: RHSA-2005:384
Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
Other Advisory URL: http://www.mikx.de/firescrolling/
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0551.html
Keyword: firescrolling
Keyword: MFSA 2005-27
CVE-2005-0527