PCWorks: Re: "Highly critical" Vulnerability-Firefox "firefoxurl" URI Handler Registration

Thread: PCWorks: Re: "Highly critical" Vulnerability-Firefox "firefoxurl" URI Handler Registration

Search this list only Search all lists
PCWorks: Re: "Highly critical" Vulnerability-Firefox "firefoxurl" URI Handler Registration
United States	2007-07-12 10:57:17
I went to that URL when I posted that and I couldn't get any of the links to work. They were all "The page cannot be displayed". I then tried what you suggested and I also got "The page cannot be displayed". Maybe it's because I have v1.5x installed, (or, because of all my security programs installed). -Clint God Bless Clint Hamilton, Owner http://www.OrpheusCo mputing.com/ http://www.Comput ersCustomBuilt.com http://Computer-Hardware-Sales-Consumer-Electronics -Sales.com ----- Original Message ----- Clint, have you tried the bug? Open IE and put this into the address field "firefoxurl://larholm.com", and it will execute the bug and use the CMD.exe to attempt to open Firefox. It will launch Firefox and ask you an External Protocol Request to handle the link where you click Launch application or cancel. The firefoxurl://larholm.com takes you to the page of the developer who discovered the bug, http://larholm.com/2007/07/10/internet-explorer-0da y-exploit/ And all this in an attempt to handle Vista compatibility. Peter Kaulback ----- Original Message ----- This is a pretty bad one with apparently no fix. I checked all the URL's I don't see any workaround where they mentioned: "Added workaround to the 'Solution' section." -Clint TITLE: Firefox "firefoxurl" URI Handler Registration Vulnerability SECUNIA ADVISORY ID: SA25984 VERIFY ADVISORY: http://secunia.c om/advisories/25984/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote REVISION: 1.1 originally posted 2007-07-10 SOFTWARE: Mozilla Firefox 2.0.x http://secunia.com/ product/12434/ DESCRIPTION: A vulnerability has been discovered in Firefox, which can be exploited by malicious people to compromise a user's system. The problem is that Firefox registers the "firefoxurl://" URI handler and allows invoking firefox with arbitrary command line arguments. Using e.g. the "-chrome" parameter it is possible to execute arbitrary Javascript in chrome context. This can be exploited to execute arbitrary commands e.g. when a user visits a malicious web site using Microsoft Internet Explorer. The vulnerability is confirmed in Firefox version 2.0.0.4 on a fully patched Windows XP SP2. Other versions may also be affected. SOLUTION: Do not browse untrusted sites. Disable the "Firefox URL" URI handler. CHANGELOG: 2007-07-10: Added workaround to the "Solution" section. ORIGINAL ADVISORY: http://www.xs-sniper.com/sniperscope/IE-Pwns-Firefox.ht ml http://larholm.com/2007/07/10/internet-explorer-0da y-exploit/ ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/r ules.htm Contact list owner <owner-pcworksimagicomm.com> Unsubscribing and other changes: http://pcworkers.com =====================================================

[1]

about | contact Other archives ( Real Estate discussion Medical topics )