Mozilla Firefox File Type Check Vulnerability

Mozilla Firefox, a popular web browser, has a new vulnerability that is exploitable in versions 0.10 to 2.0.0.4.  The vulnerability allows an attacker to lure victims to a malicious site and follow links with improper file extensions.  In order for this to be exploited, the victim must willingly interact with the attack method.  If successful, the attacker may have the ability to crash the application or execute arbitrary code.  There currently is no known solution or vendor fix for this vulnerability.

References:

National Vulnerability Database

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3285

Posted by Kitch Spicer on June 21, 2007, in Handlers Log.

Purdue University, 610 Purdue Mall, West Lafayette, IN 47907, (765) 494-4600

© 2016 Purdue University | An equal access/equal opportunity university | Integrity Statement | Copyright Complaints | Maintained by ITaP

Trouble with this page? Disability-related accessibility issue? Please contact ITaP at itap@purdue.edu.

PDF files can be viewed in Adobe Acrobat Reader.