CVE-2005-0230

Name of the Vulnerable Software and Affected Versions Firefox version 1.0

Description The issue allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files that can still be parsed by the Windows batch file parser. This occurs when an executable file with a dangerous extension, such as .bat or .exe, is dragged to the desktop despite having an image/gif content type.

Recommendations For Firefox version 1.0, as a temporary workaround, consider restricting the dragging of files with image/gif content type to the desktop to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.