Additional Firefox 0 Day Exploits

by Nitesh Dhanjani

Billy Rios has let me know about another vulnerability he has found along with Nate McFeters. Here are the URLs, which when clicked from Firefox running on Windows should spawn cmd.exe and calc.exe in order to demonstrate remote execution flaws in Firefox:

5 Comments

Erez
2007-07-25 01:02:47
Strangely enough, those urls don't work on my Firefox 2.0.0.5
mechanix
2007-07-25 02:04:40
yeah, those do not work with mine too


Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4
:)

Nitesh
2007-07-25 06:15:21
mechanix: The vulnerability affects Windows only
Maa
2007-07-25 19:56:31
No, they don't work. FF 2.0.0.5, Windows XP Pro.
Маа
2007-07-25 20:00:42
PS. I guess the reason they don't work is that I use OE for email and news. Haha.