
On Firefox and Thunderbird, a user interface is used to let the user confirm which program to use to open the file. By using special Freedesktop MIME types (such as inode/directory or x-scheme-handler/trash), a remote attacker can trick the user into thinking he is about to open a file with an innocuous program (a file manager). However, when called this way, several file managers will try to call another program to handle the file, which might result in the execution of another program. Depending on the program used, this might be used to trigger arbitrary code execution (eg. using Mono to trigger arbitrary code execution). Thunar, PCManFM and PCManFM-Qt were found to exhibit this behavior.

We can use a visually confusable file name such as REPORT.ΡDF (notice the non-ASCII first letter in the extension) in order to trick the user into thinking he is opening a "safe" file type while disabling MIME-type detection based on the file name extension. Moreover, in Firefox and Thunderbird, we can corrupt the file association database (handlers.json) in order to display a bogus file type description associated with the inode/directory or x-scheme-handler/trash MIME type. This is done by first serving a "safe" file type (such as a PDF) with this MIME type.

Example with Firefox with x-scheme-handler/trash.
Advanced example using Firefox and file type description spoofing.

- Firefox and Thunderbird accept special Freedesktop MIME types (inode/*, x-scheme-handler/*).
- File type description spoofing in Firefox and Thunderbird.
- Thunar forwards to other programs when passed a file through CLI (CVE-2021-32563, fixed in v4.16.7 and v4.17.2).
- PCManFM forwards to other programs when passed a file through CLI.
- PCManFM-Qt forwards to other programs when passed a file through CLI.

1. the user browses to a malicious web resource (/REPORT.ΡDF) or opens a malicious email attachment served with the inode/directory MIME type.
2. based on the MIME type, the user agent suggests opening the file with a file manager (eg.
3. the user does not find this very dangerous and accepts.
4. the user agent saves the file on the filesystem and calls the file manager with the file (eg.
5. the file manager tries to detect the file type,
   - it fails to recognize the file extension.
   - it determines the MIME type based on the file content (eg.
6. the file manager spawns another program based on the MIME type (eg.
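A defensive check for the two signals described above, as an added example that is not part of the original advisory: it flags a download or attachment whose Content-Type falls in the inode/* or x-scheme-handler/* families, or whose file name extension contains non-ASCII letters. The function names and the sample inputs are constructed for illustration.

```python
import posixpath
import unicodedata

# Special Freedesktop MIME type families named in the advisory.
SPECIAL_PREFIXES = ("inode/", "x-scheme-handler/")


def extension_scripts(filename):
    """Return the scripts (first word of each Unicode character name)
    used by the letters of the file name extension."""
    ext = posixpath.splitext(posixpath.basename(filename))[1].lstrip(".")
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in ext if ch.isalpha()}


def audit_download(filename, content_type):
    """Return a list of findings for one (file name, Content-Type) pair."""
    findings = []
    # Drop parameters such as "; charset=utf-8" before comparing.
    mime = content_type.split(";", 1)[0].strip().lower()
    if mime.startswith(SPECIAL_PREFIXES):
        findings.append(f"special Freedesktop MIME type: {mime}")
    ext = posixpath.splitext(posixpath.basename(filename))[1]
    # A non-ASCII letter in the extension defeats extension-based type
    # detection while still looking like a familiar extension to the user.
    if any(ord(ch) > 127 for ch in ext):
        scripts = ", ".join(sorted(extension_scripts(filename)))
        findings.append(f"non-ASCII extension {ext!r} (scripts: {scripts})")
    return findings


# Constructed samples: the second name uses U+03A1 (Greek capital rho) for "P".
SAMPLES = [
    ("/report.pdf", "application/pdf"),
    ("/REPORT.\u03a1DF", "inode/directory"),
    ("/notes.txt", "x-scheme-handler/trash; charset=utf-8"),
]

if __name__ == "__main__":
    for name, ctype in SAMPLES:
        print(name, "|", ctype, "|", audit_download(name, ctype) or "ok")
```

The same function can be run over proxy or mail-gateway logs that record the served file name and Content-Type for each download or attachment.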

