Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-2968. PoCs published by eter Zelezny.
AI-analyzed exploit summary This exploit leverages a command injection vulnerability in Mozilla Firefox and related applications by embedding shell commands in a maliciously crafted URL. The example uses backticks to execute the 'find' command, demonstrating arbitrary command execution on UNIX-based systems.
Description
Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.
Exploits (1)
This exploit leverages a command injection vulnerability in Mozilla Firefox and related applications by embedding shell commands in a maliciously crafted URL. The example uses backticks to execute the 'find' command, demonstrating arbitrary command execution on UNIX-based systems.