Arbitrary Code Execution Vulnerability in Mozilla

Reported July 9, 2004, by Mozilla Security Group

Affected products:
  • Mozilla (suite) 1.7.0 and earlier
  • Mozilla Firefox 0.9.1 and earlier
  • Mozilla Thunderbird 0.7.1 and earlier

Windows versions of Mozilla products use the shell: scheme to pass Uniform Resource Identifiers (URIs) to the OS for handling. The effects of the vulnerability depend on the version of Windows, but on Windows XP it's possible to launch executables in known locations or the default handlers for file extensions. An attacker could combine this effect with a known buffer overrun in any of the affected Mozilla programs to create a remote execution exploit.
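The defensive counterpart to the behaviour described above is a scheme allowlist: the client resolves only the schemes it handles itself and refuses to hand anything else, shell: included, to the OS. The following Python is an added illustration, not the advisory's or Mozilla's own code; the allowlist, the function names and the sample mail body are assumptions and constructed data. It also shows the normalization (percent-decoding, leading whitespace, case) a check needs before comparing schemes, and a scanner that flags shell: links in HTML content such as a message body.

```python
import re
from typing import List, Optional
from urllib.parse import unquote

# Assumed allowlist: schemes the client resolves itself. Anything else (shell:,
# unknown schemes) is refused rather than handed to the OS. This is an
# illustrative policy, not Mozilla's actual handler table.
INTERNAL_SCHEMES = frozenset({"http", "https", "ftp", "mailto"})

# RFC 3986 scheme syntax: a letter followed by letters, digits, "+", "." or "-".
_SCHEME_RE = re.compile(r"([A-Za-z][A-Za-z0-9+.\-]*):")
# Loose href/src extractor for the sample scan; tolerates optional quotes and
# leading whitespace inside the attribute value.
_LINK_RE = re.compile(r"""(?:href|src)\s*=\s*["']?\s*([^"'\s>]+)""", re.I)


def extract_scheme(uri: str) -> Optional[str]:
    """Return the lower-cased scheme of a URI, or None for scheme-less (relative) links.

    Percent-decoding and stripping of leading whitespace happen first so that
    obfuscations such as %73hell: or a leading space still normalize to "shell".
    """
    normalized = unquote(uri).lstrip(" \t\r\n")
    match = _SCHEME_RE.match(normalized)
    return match.group(1).lower() if match else None


def allowed_to_dispatch(uri: str) -> bool:
    """Allowlist check applied before a link is followed.

    Relative links (no scheme) are resolved internally and pass; absolute links
    pass only when their scheme is in INTERNAL_SCHEMES. shell: and every other
    OS-handled scheme are refused.
    """
    scheme = extract_scheme(uri)
    return scheme is None or scheme in INTERNAL_SCHEMES


def find_shell_links(markup: str) -> List[str]:
    """Return every href/src value in the markup whose scheme normalizes to shell:."""
    return [u for u in _LINK_RE.findall(markup) if extract_scheme(u) == "shell"]


# Constructed sample of an HTML mail body; the shell: targets are placeholders.
SAMPLE_HTML = """
<p>Constructed sample message body (not from the advisory).</p>
<a href="http://example.com/report">normal link</a>
<a href="SHELL:PLACEHOLDER_FOLDER">obfuscated by case</a>
<a href="%73hell:PLACEHOLDER_FOLDER">obfuscated by percent-encoding</a>
<img src=" shell:PLACEHOLDER_FOLDER">
<a href="mailto:security@example.com">contact</a>
"""

if __name__ == "__main__":
    for uri in _LINK_RE.findall(SAMPLE_HTML):
        verdict = "allow" if allowed_to_dispatch(uri) else "block"
        print(f"{verdict:5} {str(extract_scheme(uri)):8} {uri}")
    print("shell: links found:", len(find_shell_links(SAMPLE_HTML)))
```

The policy is deny-by-default on purpose: a blocklist of known-bad schemes would have had to anticipate shell: in advance, whereas an allowlist refuses it along with any other scheme the client has no reason to dispatch externally.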

The Mozilla Foundation has released the security bulletin "What Mozilla users should know about the shell: protocol security issue," which addresses this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin or upgrade to the latest software release.

Discovered by Keith McCanless.
