Mozilla Firefox xdg-open 'mailcap' File Remote Code Execution Vulnerability

info
discussion
exploit
solution
references

Mozilla Firefox xdg-open 'mailcap' File Remote Code Execution Vulnerability

An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious file using the affected application.

The following website demonstrates this issue.

NOTE: Symantec urges caution when testing exploits from third-party sources.

https://prefbar.mozdev.org/testxdgopen.html
http://prefbar.mozdev.org/testxdgopen.html