Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - New Firefox Vulnerability(?) InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New Firefox Vulnerability(?)

Published: 2006-05-07
Last Updated: 2006-05-07 01:24:42 UTC
by Tony Carothers (Version: 1)
0 comment(s)

Today on Bugtraq a message was posted that listed a possible vulnerability in Firefox  Several attempts by various Handlers were unable to determine that a new vulnerability actually exists.  The link posted to Bugtraq took us to a web page that was purported to run the exploit, which did not appear to work.  Stay tuned for further details.

The "exploit" appears to be a simple link to an audio file (claims to be an image). If you, as instructed by the exploit page, open the "image", you will launch your media player and load a local .wav file. Nothing actually "bad" about that as far as we can tell, so this is probably just a joke to point out some of the social engineering aspects of hyperlinked media.

0 comment(s)
Diary Archives