Firelinking: Remote Code Execution via Favicon Functionality
CVE-2005-1155 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking."
Learn more about our Web Application Penetration Testing UK.