Lucene search
Leucosite1337DAY-ID-28675HistorySep 29, 2017 - 12:00 a.m.
Firefox browser.downloads addon Remote Code Execute (PoC) Vulnerability
2017-09-2900:00:00
leucosite
0day.today
35
EPSS
0.005
Percentile
76.7%
Exploit for multiple platform in category dos / poc
(CVE-2017-7821)
"browser.downloads addon feature may be used for RCE"
Steps:
1. Go to 'about:debugging'
2. Unpack attached PoC somewhere
3. Back in 'about:debugging' choose 'Load temp addon' and choose the poc
4. jar file is automatically downloaded and executed.
We are able to download and execute jar files automatically.
PoC Web Extention:
http://leucosite.com/CVE-2017-7821.zip
Reference:
https://bugzilla.mozilla.org/show_bug.cgi?id=1346515
https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7821
# 0day.today [2018-01-04] #Related
cvelist
cvelist
CVE-2017-7821
2018-06-11 21:00:00
cve
cve
CVE-2017-7821
2018-06-11 21:29:10
prion
prion
Design/Logic Flaw
2018-06-11 21:29:00
nvd
nvd
CVE-2017-7821
2018-06-11 21:29:10
debiancve
debiancve
CVE-2017-7821
2018-06-11 21:29:10
ubuntucve
ubuntucve
CVE-2017-7821
2017-10-02 00:00:00
seebug
seebug
ubuntu
ubuntu
Firefox vulnerabilities
2017-10-02 00:00:00
Firefox regression
2017-10-04 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3435-1)
2017-10-03 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-3435-2)
2017-10-05 00:00:00
Mozilla Firefox < 56 Multiple Vulnerabilities
2017-10-06 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3435-1)
2017-10-05 00:00:00
Ubuntu: Security Advisory (USN-3435-2)
2017-10-06 00:00:00
Mozilla Firefox Security Advisory (MFSA2017-21) - Linux
2021-11-08 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 56 — Mozilla
2017-09-28 00:00:00
kaspersky
kaspersky
KLA11109 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2017-09-28 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2017-09-28 00:00:00