Info

Disclosure

May 12, 2005

Discovery

Unknown

Dates

Exploit

May 12, 2005

Solution

Unknown

Description

Mozilla Firefox contains a flaw that may allow a malicious user to spoof file types in the file download dialog. The issue exists because file download dialog does not properly validate the filename and the "Content-Type" HTTP header before displaying it. It is possible that the flaw may trick a user into executing malware if the file is opened through the file download dialog resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 1.0.1 or higher, as it has been reported to partially fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Mozilla Organization

Firefox

1.0

References

Security Tracker: 1013966
Secunia Advisory ID: 12979
SCIP VulDB ID: 1474
Related OSVDB ID: 16432
CVE ID: 2005-1575 (see also: NVD)
Other Advisory URL: http://secunia.com/secunia_research/2004-11/advisory/
Vendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=267122

Credit

Secunia Security Advisories - sec-advsecunia.com - Secunia

Direct URL: http://osvdb.org/16431