Author Topic: Bug effects both IE & Firefox ......  (Read 2882 times)

0 Members and 1 Guest are viewing this topic.


  • Guest
Bug effects both IE & Firefox ......
« on: June 30, 2006, 05:20:17 AM »

Read about it at the link below:


Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9408
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Bug effects both IE & Firefox ......
« Reply #1 on: June 30, 2006, 10:55:11 AM »
Looks like Opera is immune to this ;D
Visit my webpage Angry Sheep Blog

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33996
  • malware fighter
Re: Bug effects both IE & Firefox ......
« Reply #2 on: June 30, 2006, 11:05:51 AM »
Hi CharleyO & RejZoR,

Flock is not affected.


And the news was a bit hasty: Quote:

We have been getting comments about the statement of Firefox being vulnerable. After repeated testing, one of the handlers has confirmed that it is definitely vulnerable. The code found at Secunia will not catch vulnerable versions of Firefox but the original PoC found on FullDisclosure will work on Firefox.

UPDATE 06/30/06
After doing more research on this vulnerability and with great help from our readers (thanks to Dan and another reader) it seems that Mozilla Firefox is not affected by this vulnerability.

The (obvious) reason for this is that Firefox doesn't support the outerHTML property at all (innerHTML property is supported). As this property is not supported, the original context can't get any data from the HTML that was loaded into the <object> tag.

If you test this with the original PoC posted on Full Disclosure, you can notice that Firefox will load the target web page into the object tag, but the alert call (which is in the original context) will not be able to get any data. If you use Internet Explorer 6 this is not the case as the original context script can access data that was loaded into the object tag.

The fact that Firefox displays the target web page has nothing to do with this vulnerability (apart from the fact that it can confuse the user, but that's another story); so in this context it's no different than using an iframe.

Internet Explorer 7 is also not affected by this vulnerability.

Bojan Zdrnja
William Salusky
Toby Kohlenberg

End of Quote

« Last Edit: June 30, 2006, 11:23:52 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!