Comment 1 for bug 153438

Alex Willmer (alex-moreati) wrote :

This is still exploitable in Ubuntu 8.04; the text of the email I just sent to <email address hidden> follows:

I just tested this using Firefox 3 on Ubuntu 8.04 with Gnome 2.22.2.

trojan.desktop: Displayed in Firefox as a plain text file.

trojan-axd.desktop: Asked to save or open the file:
      * If saved, default location is desktop. Appears with jpeg icon and
        file name 'hot goats.jpg'. Double clicking causes the code to
        run (displays 'Owned' in a small window).
      * If open with chosen, following message is displayed: "The
        application you chose ("(null)") could not be found. Check the
        file name or choose another application."

trojan-aos.desktop: Treated as executable by Firefox; may only save file:
      * If Save file clicked, file is saved to Desktop, no choice.
      * Once saved it behaves like trojan-axd.desktop.

I now have multiple icons on my desktop, all apparently called 'hot
goats.jpg' (without quotes). All of them run the embedded python code.

alex@martha:~/Documents/primes$ ls /home/alex/Desktop/trojan*
/home/alex/Desktop/trojan-aos(2).desktop
/home/alex/Desktop/trojan-aos(3).desktop
/home/alex/Desktop/trojan-aos.desktop
/home/alex/Desktop/trojan-axd(2).desktop
/home/alex/Desktop/trojan-axd.desktop
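
An added example, not part of the original comment or of any project it mentions: a defender-side scan that flags launcher files of the kind described above, where the displayed name ends in a document extension but the entry carries an Exec line. The extension list, the function names and the two sample entries are constructed for illustration.

```python
import os
import tempfile

# Assumed list: extensions a launcher's display name should not end with.
DOC_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".txt", ".odt", ".mp3"}

# Constructed sample entries (not the files from the bug report).
SAMPLE_DISGUISED = '[Desktop Entry]\nType=Application\nName=holiday photo.jpg\nExec=python -c "print(1)"\n'
SAMPLE_NORMAL = "[Desktop Entry]\nType=Application\nName=Text Editor\nExec=gedit %U\n"

def parse_entry(text):
    """Return the key/value pairs of the [Desktop Entry] group."""
    entry, in_group = {}, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            in_group = line == "[Desktop Entry]"
        elif in_group and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            entry.setdefault(key.strip(), value.strip())
    return entry

def masquerade_reason(entry):
    """Explain why a launcher looks disguised as a document, else None."""
    if "Exec" not in entry:
        return None  # nothing to run, so the display name is harmless
    for key, value in entry.items():
        # Check Name and its localized variants such as Name[de].
        if key == "Name" or key.startswith("Name["):
            ext = os.path.splitext(value)[1].lower()
            if ext in DOC_EXTS:
                return f"{key}={value!r} ends in {ext} but Exec={entry['Exec']!r}"
    return None

def scan(directory):
    """Map each suspicious .desktop file name in directory to a reason."""
    findings = {}
    for fname in sorted(os.listdir(directory)):
        if fname.endswith(".desktop"):
            with open(os.path.join(directory, fname), errors="replace") as fh:
                reason = masquerade_reason(parse_entry(fh.read()))
            if reason:
                findings[fname] = reason
    return findings

def demo():
    with tempfile.TemporaryDirectory() as d:
        for fname, body in (("photo.desktop", SAMPLE_DISGUISED), ("editor.desktop", SAMPLE_NORMAL)):
            with open(os.path.join(d, fname), "w") as fh:
                fh.write(body)
        return scan(d)
```

Calling scan() on a download or desktop directory returns only the launchers whose display name imitates a document; demo() runs the same check over the two constructed samples.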