CVE-2005-2968

Published: 20 September 2005

Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.

Priority

Unknown

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream Needs triage

mozilla
Launchpad, Ubuntu, Debian
Upstream Needs triage

mozilla-thunderbird
Launchpad, Ubuntu, Debian
Upstream Needs triage