Mozilla Foundation Security Advisory 2005-59

Command-line handling on Linux allows shell execution

Announced
September 22, 2005
Reporter
Peter Zelezny
Impact
Severe
Products
Firefox, Mozilla Suite, Thunderbird
Fixed in
  • Firefox 1.0.7
  • Mozilla Suite 1.7.12
  • Thunderbird 1.0.7

Description

URLs passed on the command line to the Linux versions of Firefox and Thunderbird were not correctly protected against interpretation by the shell. As a result, a malicious URL can cause shell commands to execute with the privileges of the user. If Firefox is set as the default handler for web URLs, then opening a URL from another program (for example, a link in a mail or chat client) can lead to shell command execution.
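The following is an added illustration of the bug class the advisory describes, not Mozilla's code and not the actual launcher script that was fixed. It assumes a hypothetical handler named `browser` and a constructed sample URL; the "flawed" function only builds the command string a shell would re-parse, and the tokeniser models that re-parse without executing anything. The point it shows: an ordinary query string already contains `&`, so a URL handed to a shell unquoted is split into several commands even when nobody is attacking, and the fix is to pass the URL as a single argv element (or, if a shell wrapper cannot be avoided, to quote it with `shlex.quote`).

```python
import shlex
from typing import List

# Constructed sample URL (not from the advisory). Every character in it is legal
# in a URL, but `&` and `;` are command separators to a POSIX shell.
SAMPLE_URL = "http://example.com/search?q=1&lang=en;id"

# Hypothetical handler name used only for this example.
BROWSER = "browser"


def flawed_command_string(url: str) -> str:
    """The flawed shape: the URL is pasted into a command line that a shell
    parses again (e.g. via `eval`, `system(3)` or `subprocess.run(..., shell=True)`).
    Only the string is built here; nothing is executed."""
    return BROWSER + " " + url


def quoted_command_string(url: str) -> str:
    """Mitigated shape for a wrapper that still must go through a shell:
    shlex.quote wraps the URL in single quotes so the shell sees one word."""
    return BROWSER + " " + shlex.quote(url)


def safe_argv(browser: str, url: str) -> List[str]:
    """Preferred shape: the URL travels as one argv element straight to execve(2)
    (subprocess.run(argv) without shell=True). No shell parses it at all."""
    return [browser, url]


def tokens_seen_by_shell(command: str) -> List[str]:
    """Tokenise `command` the way a POSIX shell would, reporting `;`, `&`, `|`,
    `<`, `>`, `(` and `)` as separate operator tokens. This models the re-parse
    step of the flawed handling so it can be inspected without running it."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def injected_commands(command: str) -> List[str]:
    """Return the words that follow a command separator after re-parsing, i.e.
    the fragments of the URL the shell would run as additional commands.
    Empty means the URL survived as a single word."""
    toks = tokens_seen_by_shell(command)
    separators = {";", "&", "|", "&&", "||"}
    return [toks[i + 1] for i, tok in enumerate(toks[:-1]) if tok in separators]


if __name__ == "__main__":
    flawed = flawed_command_string(SAMPLE_URL)
    print("flawed  :", tokens_seen_by_shell(flawed))
    print("would run:", injected_commands(flawed))
    quoted = quoted_command_string(SAMPLE_URL)
    print("quoted  :", tokens_seen_by_shell(quoted))
    print("argv    :", safe_argv(BROWSER, SAMPLE_URL))
```

The flawed string shatters into `browser`, the URL up to the first `&`, then `lang=en` and `id` as separate commands; the quoted string and the argv form deliver the URL intact. A handler that is the default URL target for mail and chat clients should take the argv route, because it receives URLs it never chose.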

Workaround

Do not click on links in spam or other mail from people you don't know. Do not use the affected programs as the default handler for URLs. Upgrade to the fixed versions.

References