Signature Detail

HTTP: Mozilla Local File Execution

This signature detects a malicious link contained in a HTML document. Attackers can embed a maliciously crafted link in an HTML document; when the HTML document is viewed, the link executes a file in the local user profile directory.

Extended Description

Mozilla Internet Browser is reported prone to a weakness that may permit an external protocol to be called without any user interaction. This may expose Mozilla users to vulnerabilities that exist in the underlying operating system or in the software that is the default handler for a registered protocol. Vulnerabilities in the applications that are invoked by a protocol, and vulnerabilities in the way a called protocol is handled by the host operating system may be exploited using this weakness in the Mozilla browser.

Affected Products

• K-Meleon 0.8.2
• Mozilla Browser 1.7.0
• Mozilla Browser 1.7.0 Rc3
• Mozilla Firefox 0.8.0
• Mozilla Firefox 0.9.0 Rc
• Mozilla Firefox 0.9.1
• Mozilla Thunderbird 0.7.0
• Mozilla Thunderbird 0.7.1
• Netscape Navigator 7.0.2
• Netscape Navigator 7.1.0

References

• BugTraq: 10681
• CVE: CVE-2004-0648
• URL: http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0290.html
• URL: http://www.mozilla.org/security/shell.html
• URL: http://www.ciac.org/ciac/bulletins/o-175.shtml