Issue
We are currently investigating an issue on Windows XP, where some urls for “web” protocols that contain %00 launch the wrong handler and appear to be able to launch local programs, with limited argument passing.
Impact
The impact to users is unknown at this point in time. We are working to verify this and in the meantime, advise users to be cautious when browsing unknown sites.
Status
We are currently working on a fix. You can follow our work and process at: https://bugzilla.mozilla.org/show_bug.cgi?id=389580
Credit
Billy Rios and Nate McFeters posted details about this issue publicly at:http://xs-sniper.com/blog/remote-command-exec-firefox-2005/
Ping from Techzi » Blog Archive » Mozilla flaw attack code published on
Ping from Mozilla flaw attack code published on
Ping from University Update - Firefox - Permanent Link to Launching local programs through FileType handler on
Ping from Mozilla’s Latest Firefox Security Issue » SELaplana on
Ping from Dimension 2k : Blog Archive : Remote Command Execution Bug im Mozilla on
Ping from Security Tips » Firefox Fixes FileType Flaw on
Ping from Mozilla flaw attack code published « TechTitans™ on
Ping from » Protocol abuse adds to Firefox, Windows security woes | Ryan Naraine’s Zero Day | ZDNet.com on