HTTP: Executable Returned For Image File Type

This signature detects an HTTP response whose declared content type is an image but whose file name carries an executable extension. A successful attack can allow arbitrary code execution on the client.

Extended Description

Mozilla Firefox is reported prone to a security vulnerability that could allow a malicious website to bypass the security policies governing drag-and-drop functionality. The vulnerability can be exploited with an image that renders correctly in the Firefox browser but is saved with a '.bat' file extension when dragged and dropped onto the local filesystem. Because the batch file interpreter on Microsoft Windows is particularly lenient about syntax, batch commands appended to the image data will be executed if the saved file is later invoked. Update: Netscape 7.2 is reported vulnerable to this issue as well. Other versions may also be affected.
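The mismatch this signature looks for (an image Content-Type delivered under an executable file name) is easy to check at the header level. The following Python detection helper is an added example, not Juniper's signature logic or any vendor code; the list of executable extensions beyond '.bat', the handling of Windows trailing-dot/space stripping, and the sample responses are all constructed assumptions.

```python
"""Added detection example: flag an HTTP response that declares an image
Content-Type but names the body with an executable extension.

This is illustrative code, not the IDP signature itself.
"""
import re
from email.message import Message
from email.parser import HeaderParser
from typing import List, Optional, Tuple

# Extensions Windows will run directly when the saved file is opened.
# '.bat' is the case in the advisory; the others are assumed additions.
EXECUTABLE_EXTENSIONS = {
    ".bat", ".cmd", ".com", ".exe", ".pif", ".scr", ".vbs", ".wsf", ".hta",
}


def parse_headers(raw: str) -> Message:
    """Parse a raw HTTP response (status line + headers) into a Message.

    The email header parser is reused because HTTP header syntax,
    including RFC 2231 'filename*=' parameters, is close enough for this.
    """
    head = raw.split("\r\n\r\n", 1)[0].split("\n\n", 1)[0]
    lines = head.splitlines()
    if lines and lines[0].upper().startswith("HTTP/"):
        lines = lines[1:]  # drop the status line, keep only header fields
    return HeaderParser().parsestr("\n".join(lines))


def executable_extension(name: str) -> Optional[str]:
    """Return the lower-cased executable extension of a name, or None.

    Query strings and directory components are removed first. Windows
    silently drops trailing dots and spaces when saving, so 'photo.bat .'
    still ends up as photo.bat on disk and is treated the same way.
    """
    base = name.split("?", 1)[0]
    base = base.rsplit("/", 1)[-1].rsplit("\\", 1)[-1].rstrip(". ")
    match = re.search(r"(\.[A-Za-z0-9]+)$", base)
    if match and match.group(1).lower() in EXECUTABLE_EXTENSIONS:
        return match.group(1).lower()
    return None


def check_response(raw_headers: str, request_path: str = "") -> List[Tuple[str, str, str]]:
    """Return (source, name, extension) findings for an image response.

    Two name sources are inspected: the Content-Disposition filename
    (including the RFC 2231 'filename*' form) and, if supplied, the
    request path that produced the response. Non-image responses are
    out of scope for this signature and yield no findings.
    """
    msg = parse_headers(raw_headers)
    findings: List[Tuple[str, str, str]] = []
    if msg.get_content_maintype() != "image":
        return findings
    candidates = (
        ("Content-Disposition", msg.get_filename() or ""),
        ("request path", request_path),
    )
    for source, name in candidates:
        ext = executable_extension(name)
        if ext:
            findings.append((source, name, ext))
    return findings


# Constructed sample responses for demonstration only.
SUSPICIOUS = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: image/jpeg\r\n"
    "Content-Disposition: inline; filename=\"photo.bat\"\r\n"
    "Content-Length: 1234\r\n\r\n"
)
SUSPICIOUS_RFC2231 = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: image/gif; charset=binary\r\n"
    "Content-Disposition: attachment; filename*=UTF-8''photo.BAT.\r\n\r\n"
)
BENIGN = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: image/png\r\n"
    "Content-Disposition: inline; filename=\"photo.png\"\r\n\r\n"
)

if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("rfc2231", SUSPICIOUS_RFC2231), ("benign", BENIGN)):
        print(label, check_response(raw))
```

The check is deliberately header-only so it can sit in a proxy or IDS pipeline without buffering the body; a content-sniffing stage would be the natural next step for catching executables that carry a plausible image extension.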

Affected Products

Mozilla Firefox

References

CVE: CVE-2005-0230

Short Name: HTTP:STC:IMG:EXE-FOR-IMG-TYPE
Severity: Major
Recommended: False
Recommended Action: Drop
Category: HTTP
Keywords: CVE-2005-0230 Executable File For Image Returned Type
Release Date: 11/13/2006
Supported Platforms

srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3

Sigpack Version: 3336
False Positive: Unknown

Vendors

Hp
Mozilla
Suse
Netscape
Gentoo

CVSS Score: 5.1
