Bug 151153
Summary: | CAN-2005-0402 arbitrary code execution via sidebar
---|---
Product: | Red Hat Enterprise Linux 4
Component: | firefox
Version: | 4.0
Status: | CLOSED ERRATA
Severity: | medium
Priority: | medium
Reporter: | Josh Bressers <bressers>
Assignee: | Christopher Aillon <caillon>
CC: | security-response-team
Keywords: | Security
Hardware: | All
OS: | Linux
Whiteboard: | impact=moderate,embargo=20050323:18,reported=20050310,source=mozilla
Doc Type: | Bug Fix
Last Closed: | 2005-03-23 19:21:23 UTC

Description
Josh Bressers
2005-03-15 14:29:48 UTC
Created attachment 112256
Demo exploit from the Mozilla BTS
Steps to Reproduce:
1. Bookmark testcase as sidebar panel
2. Click links in order
Created attachment 112257
add sidebar panel page
Use this page to add the testcase to bookmark panel.
Steps to Reproduce (corrected):
1. Bookmark testcase as sidebar panel
2. Select "Sidebar Attack Test" from your bookmark and load it in the sidebar
3. Click links in order
Created attachment 112258
testcase 2
This test case will erase localstore.rdf file in your profile directory.
Created attachment 112259
add sidebar panel page 2
Use this page to add the testcase 2 to bookmark panel.
Created attachment 112260
testcase 3 - "Plug-ins Finder"
"data:" URL example.
Lifting embargo

An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-336.html