VID 28649
Severity 20
Port 139,445
Protocol TCP
Class SMB
Detailed Description Mozilla/Firefox, according to its version number, has a Null Character MIME Type Spoofing Vulnerability.
Mozilla and Firefox are open-source Web browsers developed by the Mozilla project. Several Mozilla/Firefox versions allow a remote attacker to modify a file's MIME type because the application fails to properly validate input before opening the file. By requesting a file name appended with a NULL byte, a remote attacker could spoof the MIME type and possibly execute malicious script on the system.

* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being scanned. If these conditions are not met, the check is not performed, which results in a False Negative for all vulnerable hosts.

* References:
http://www.osvdb.org/displayvuln.php?osvdb_id=8307
http://archives.neohapsis.com/archives/bugtraq/2004-07/0119.html

* Platforms Affected:
Mozilla Firefox 0.9.1 and earlier
Conectiva Linux 10, 9.0
Red Hat Advanced Workstation 2.1, Red Hat Desktop 3
Red Hat Enterprise Linux 2.1AS, 2.1ES, 2.1WS, 3AS, 3ES, 3WS
Slackware Linux 10.0, 9.1, current
SuSE Linux 8.1, 8.2, 9.0, 9.1
SuSE Linux Desktop 1.0
SuSE Linux Enterprise Server 8, 9
Microsoft Windows Any version
Recommendation Upgrade to a version of Firefox (0.9.3 or later) in which this vulnerability is fixed, available from the Mozilla Project Web site at http://www.mozilla.org/

For Red Hat Linux:
Upgrade to the latest Mozilla package as listed in the Red Hat Security Advisory RHSA-2004:421-17:
https://rhn.redhat.com/errata/RHSA-2004-421.html

For Slackware Linux:
Upgrade to the latest Mozilla package, as listed in the slackware-security Mailing List, Tue, 10 Aug 2004 14:17:12 -0700 (PDT) at http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.667659

For SuSE Linux:
Apply the update for this vulnerability, as listed in SuSE Security Announcement SUSE-SA:2004:036 at http://www.linuxsecurity.com/advisories/suse_advisory-4912.html

For Conectiva Linux:
Upgrade to the latest Mozilla package, as listed in the Conectiva Linux Security Announcement CLSA-2004:877 at http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000877

For other distributions:
Contact your vendor for upgrade or patch information.
Related URL CVE-2004-0760 (CVE)
Related URL 10709 (SecurityFocus)
Related URL 16691 (ISS)