CVE-2009-3478 Information
Description
Argument injection vulnerability in (1) src/content/js/connection/sftp.js and (2) src/content/js/connection/controlSocket.js.in in FireFTP Extension 1.0.5 for Firefox allows remote authenticated SFTP users to cause victims to alter permissions delete download or move the wrong file via a filename containing \ (double quotes) which is not properly filtered or encoded when FireFTP constructs the command to send to psftp.exe.
Reference
http://secunia.com/advisories/36860 http://vuln.sg/fireftp105-en.html http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.74;r2=1.75;f=h http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/controlSocket.js.in.diff?r1=1.75;r2=1.76;f=h http://www.mozdev.org/source/browse/fireftp/src/content/js/connection/sftp.js.diff?r1=1.8;r2=1.9;f=h http://www.securityfocus.com/bid/36536
Share on: