Mozilla_Firefox_Download_Directory_File_Deletion_Vulnerability_attack

This strike exploits a vulnerability in the way Mozilla Firefox handles file download operations. If the vulnerable victim saves a remote resource that uses a specific scheme, files within the download folder can be deleted. An attacker could exploit this vulnerability to remove files in the user download directory. The vulnerable target downloads and overwrites the download directory by creating a file with the same name as the download directory. The consequence of this action is that the download directory and subdirectories and files located are deleted. Note that the user must permit the file-saving operation by clicking the save button in the "file save" dialog. After that user must click "Cancel" link in the "Download Manager" window to trigger the vulnerability. The default download directory that will be overwritten, when this vulnerability is triggered on Windows system, is Desktop . On Linux, the default download directory is user home directory. When this vulnerability is exploited, all files in the directory will be removed except read-only files. On Windows system if the desktop directory is removed as a result of an attack then the system will recreate it. However all files that resided on the desktop will be lost. On Linux the user home directory can not be removed by the user. Only content of the directory will be lost. If the user that is running the vulnerable software is root then the root's home directory can be removed as a result of an attack along with it's content. When this vulnerability is exploited on a system using a non-default download directory, all subsequent download attempts will fail as the download directory will no longer exist. Firefox browser will popup the error box saying that the file "could not be saved, because an unknown error occurred. Sorry about that. Try saving to a different location".