BID:25543

Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability

Info

Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability

Bugtraq ID:	25543
Class:	Input Validation Error
CVE:	CVE-2007-4841
Remote:	Yes
Local:	No
Published:	Sep 01 2007 12:00AM
Updated:	Mar 19 2015 09:10AM
Credit:	Billy (BK) Rios and Nate McFeters discovered this vulnerability.
Vulnerable:	Warpzilla Enhanced Gecko 1.8.1.7 SuSE SUSE Linux Enterprise Server 9 SuSE SUSE Linux Enterprise Server 8 + Linux kernel 2.4.21 + Linux kernel 2.4.19 SuSE SUSE Linux Enterprise Server 10 SP1 SuSE SUSE Linux Enterprise Desktop 10 SP1 SuSE openSUSE 10.3 SuSE Linux Professional 10.2 x86_64 SuSE Linux Personal 10.2 x86_64 Slackware Linux 10.2 Slackware Linux 12.0 Slackware Linux 11.0 Slackware Linux -current S.u.S.E. UnitedLinux 1.0 S.u.S.E. SuSE Linux Standard Server 8.0 S.u.S.E. SuSE Linux School Server for i386 S.u.S.E. SUSE LINUX Retail Solution 8.0 S.u.S.E. SuSE Linux Openexchange Server 4.0 S.u.S.E. openSUSE 10.2 S.u.S.E. Open-Enterprise-Server 0 S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 10.0 S.u.S.E. Linux Professional 10.2 S.u.S.E. Linux Professional 10.1 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 10.2 S.u.S.E. Linux Personal 10.1 S.u.S.E. Linux 10.1 x86-64 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc S.u.S.E. Linux 10.0 x86-64 S.u.S.E. Linux 10.0 x86 S.u.S.E. Linux 10.0 ppc Red Hat Fedora 7 Netscape Navigator 9.0 Mozilla Thunderbird 2.0 .6 Mozilla Thunderbird 2.0 .5 Mozilla Thunderbird 2.0 .4 Mozilla SeaMonkey 1.1.4 Mozilla SeaMonkey 1.1.3 Mozilla SeaMonkey 1.1.2 Mozilla SeaMonkey 1.1.1 Mozilla SeaMonkey 1.1 beta Mozilla Firefox 2.0 .6 Mozilla Firefox 2.0 .5 Mozilla Firefox 2.0 .4 Mozilla Firefox 2.0 .3 Mozilla Firefox 2.0 .1 Mozilla Firefox 2.0.0.2 Mozilla Firefox 2.0 RC3 Mozilla Firefox 2.0 RC2 Mozilla Firefox 2.0 beta 1 Mozilla Firefox 2.0 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 Mandriva Linux Mandrake 2007.1 x86_64 Mandriva Linux Mandrake 2007.1 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 HP HP-UX B.11.31 HP HP-UX B.11.23 HP HP-UX B.11.11

Not Vulnerable:	Warpzilla Enhanced Gecko 1.8.1.8 Netscape Navigator 9.0 1 Mozilla Thunderbird 2.0 .9 Mozilla SeaMonkey 1.1.5 Mozilla Firefox 2.0 .8

Discussion

Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability

Mozilla Firefox is prone to an unspecified vulnerability that lets remote attackers inject commands through the 'mailto', 'nntp', 'news', and 'snews' protocol handlers.

Remote attackers may influence command options that can be called through the various handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in various consequences, including remote unauthorized access.

NOTE: Attackers can use this issue as an attack vector for the issue described in BID 25945 (Microsoft Windows URI Handler Command Execution Vulnerability).

Exploit / POC

Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability

Solution:
The vendor has released updates to address this issue. Please see the references for more information.

Slackware Linux 12.0