Mozilla Firefox version 3.0.1 suffers from a file type checking vulnerability allowing for cross site scripting attacks via ftp, etc.
f6aeb805636bcae6ee5a895ee477e5ce34f7996f9d28219554cab4fb72d61342###########################################################
# Mozilla Firefox 3.0.1, #
# file type check vulnerability #
# when browsing through ftp. #
###########################################################
# For example, when browsing: #
# ftp://ftp.example.net/picture.jpg #
# or it could be .txt, .pdf, etc... #
# Mozilla Firefox does not check the file type. #
# #
# When browsing only ftp://ftp.example.net/ #
# you will see the picture.jpg file, like any other #
# image file, with icons and such :) #
###########################################################
Example content of the picture.jpg file:
/Begin:
<html>
<body>
<script>alert('You are Pwned!');</script>
</body>
</html>
End\
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed