You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2009-04

Mozilla Foundation Security Advisory 2009-04

Title: Chrome privilege escalation via local .desktop files
Impact: Moderate
Announced: February 3, 2009
Reporter: Georgi Guninski
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.0.6


Mozilla security researcher Georgi Guninski reported that the fix for an earlier vulnerability reported by Liu Die Yu using local internet shortcut files to access other sites (MFSA 2008-47) could be bypassed by redirecting to a privileged about: URI such as about:plugins. If an attacker could get a victim to download two files, a malicious HTML file and a .desktop shortcut file, they could have the HTML document load a privileged chrome document via the shortcut and both documents would be treated as same origin. This vulnerability could potentially be used by an attacker to inject arbitrary code into the chrome document and execute with chrome privileges. Because this attack has relatively high complexity, the severity of this issue was determined to be moderate.