Vulnerabilities > CVE-2005-0230 - Unspecified vulnerability in Mozilla Firefox 1.0
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files that can still be parsed by the Windows batch file parser, aka "firedragging."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200503-10.NASL description The remote host is affected by the vulnerability described in GLSA-200503-10 (Mozilla Firefox: Various vulnerabilities) The following vulnerabilities were found and fixed in Mozilla Firefox: Michael Krax reported that plugins can be used to load privileged content and trick the user to interact with it (CAN-2005-0232, CAN-2005-0527) Michael Krax also reported potential spoofing or cross-site-scripting issues through overlapping windows, image drag-and-drop, and by dropping javascript: links on tabs (CAN-2005-0230, CAN-2005-0231, CAN-2005-0591) Daniel de Wildt and Gael Delalleau discovered a memory overwrite in a string library (CAN-2005-0255) Wind Li discovered a possible heap overflow in UTF8 to Unicode conversion (CAN-2005-0592) Eric Johanson reported that Internationalized Domain Name (IDN) features allow homograph attacks (CAN-2005-0233) Mook, Doug Turner, Kohei Yoshino and M. Deaudelin reported various ways of spoofing the SSL last seen 2020-06-01 modified 2020-06-02 plugin id 17276 published 2005-03-06 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/17276 title GLSA-200503-10 : Mozilla Firefox: Various vulnerabilities NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200503-30.NASL description The remote host is affected by the vulnerability described in GLSA-200503-30 (Mozilla Suite: Multiple vulnerabilities) The following vulnerabilities were found and fixed in the Mozilla Suite: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete Netscape extension 2 (CAN-2005-0399) Michael Krax reported that plugins can be used to load privileged content and trick the user to interact with it (CAN-2005-0232, CAN-2005-0527) Michael Krax also reported potential spoofing or cross-site-scripting issues through overlapping windows, image or scrollbar drag-and-drop, and by dropping javascript: links on tabs (CAN-2005-0230, CAN-2005-0231, CAN-2005-0401, CAN-2005-0591) Daniel de Wildt and Gael Delalleau discovered a memory overwrite in a string library (CAN-2005-0255) Wind Li discovered a possible heap overflow in UTF8 to Unicode conversion (CAN-2005-0592) Eric Johanson reported that Internationalized Domain Name (IDN) features allow homograph attacks (CAN-2005-0233) Mook, Doug Turner, Kohei Yoshino and M. Deaudelin reported various ways of spoofing the SSL last seen 2020-06-01 modified 2020-06-02 plugin id 17619 published 2005-03-25 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/17619 title GLSA-200503-30 : Mozilla Suite: Multiple vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-149-3.NASL description USN-149-1 fixed some vulnerabilities in the Ubuntu 5.04 (Hoary Hedgehog) version of Firefox. The version shipped with Ubuntu 4.10 (Warty Warthog) is also vulnerable to these flaws, so it needs to be upgraded as well. Please see http://www.ubuntulinux.org/support/documentation/usn/usn-149-1 for the original advisory. This update also fixes several older vulnerabilities; Some of them could be exploited to execute arbitrary code with full user privileges if the user visited a malicious website. (MFSA-2005-01 to MFSA-2005-44; please see the following website for details: http://www.mozilla.org/projects/security/known-vulnerabilities.html) Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 20546 published 2006-01-15 reporter Ubuntu Security Notice (C) 2005-2018 Canonical, Inc. / NASL script (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20546 title Ubuntu 4.10 : mozilla-firefox vulnerabilities (USN-149-3) NASL family Windows NASL id MOZILLA_FIREFOX_101.NASL description The installed version of Firefox is earlier than 1.0.1. Such versions have multiple security issues, including vulnerabilities that could allow an attacker to impersonate a website by using an International Domain Name, or vulnerabilities that could allow arbitrary code execution. last seen 2020-06-01 modified 2020-06-02 plugin id 17218 published 2005-02-25 reporter This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/17218 title Firefox < 1.0.1 Multiple Vulnerabilities
Oval
accepted | 2007-05-09T16:10:39.096-04:00 | ||||||||||||||||||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||||||||||||||||||
description | Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files that can still be parsed by the Windows batch file parser, aka "firedragging." | ||||||||||||||||||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:100033 | ||||||||||||||||||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||||||||||||||||||
submitted | 2005-08-16T12:00:00.000-04:00 | ||||||||||||||||||||||||||||||||||||||||||||
title | Mozilla Image Spoofing Vulnerability | ||||||||||||||||||||||||||||||||||||||||||||
version | 6 |
References
- http://marc.info/?l=bugtraq&m=110780995232064&w=2
- http://secunia.com/advisories/19823
- http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml
- http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml
- http://www.mikx.de/firedragging/
- http://www.mozilla.org/security/announce/mfsa2005-25.html
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.securityfocus.com/bid/12468
- https://bugzilla.mozilla.org/show_bug.cgi?id=279945
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100033