<<< Date Index >>>     <<< Thread Index >>>

Re: Firefox 1.5.0.3 code execution exploit



Nothing new, that's the issue described by Secunia at
http://secunia.com/advisories/19698/

Firefox won't run executable types, so "code execution" would require
knowing a code execution vulnerability in a common media handler. If
you've got one of those you could put it directly on the page in an
<embed> or <object> tag, right? No need to futz with telling the victim
to right-click and select "view image".

yesn@xxxxxxxx wrote:
> try this with Firefox 1.5.0.3
> »www.gavinsharp.com/tmp/ImageVuln.html