Mozilla Firefox Address Bar Image Dragging Remote Script Execution Vulnerability
BID:12672
Info
| Bugtraq ID: | 12672 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 26 2005 12:00AM |
| Updated: | Feb 26 2005 12:00AM |
| Credit: | Paul <[email protected]> is credited with the discovery of this issue. |
| Vulnerable: | Mozilla Firefox 1.0.1, Mozilla Firefox 1.0, Mandriva Linux Mandrake 10.2 x86_64, Mandriva Linux Mandrake 10.2, Mandriva Linux Mandrake 10.1 x86_64, Mandriva Linux Mandrake 10.1, MandrakeSoft Corporate Server 3.0 x86_64, MandrakeSoft Corporate Server 3.0, HP HP-UX B.11.23, HP HP-UX B.11.22, HP HP-UX B.11.11, HP HP-UX B.11.00 |
| Not Vulnerable: | |
Discussion
A remote script execution vulnerability affects Mozilla Firefox. The issue is a design error: when an image whose source is a JavaScript URI is dragged into the address bar, the browser executes the URI without validating the origin of the script against the page currently loaded in that window. Content arriving through drag-and-drop is therefore treated as if it were typed by the user rather than as untrusted data supplied by the page.
An attacker may leverage this issue to execute arbitrary script code in the context of a target Web site in the browser of an unsuspecting user. This may facilitate cookie-based authentication credential theft as well as other attacks.
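The defensive principle behind the fix is that a URI dropped onto the address bar is untrusted page content, so script-bearing schemes must be refused rather than run in the current document's origin. The following drop-target policy is an added example written for this advisory, not Firefox's own code; the scheme lists, the `classifyDrop` helper and the text/uri-list handling are assumptions chosen to illustrate the check.

```javascript
// Added example (not from the advisory or from Mozilla): a policy for an
// address-bar-like drop target. Everything that arrives via drag-and-drop is
// treated as untrusted data; script-bearing schemes are refused instead of
// being executed with the privileges of the page currently shown.
const SCRIPT_SCHEMES = new Set(["javascript", "data", "vbscript"]); // assumed deny list
const NAVIGABLE_SCHEMES = new Set(["http", "https", "ftp"]);        // assumed allow list

// Read the scheme the way a URL parser would: strip leading/trailing C0
// controls and spaces, drop embedded tab/CR/LF, and compare case-insensitively.
// This is what defeats " \tJavaScript:" and "java\tscript:" style spellings.
function extractScheme(raw) {
  const cleaned = raw
    .replace(/^[\u0000-\u0020]+|[\u0000-\u0020]+$/g, "")
    .replace(/[\t\n\r]/g, "");
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(cleaned);
  return m ? m[1].toLowerCase() : null;
}

// text/uri-list (RFC 2483): one URI per line, lines beginning with '#' are comments.
function firstUriFromList(uriList) {
  for (const line of uriList.split(/\r?\n/)) {
    const t = line.trim();
    if (t && !t.startsWith("#")) return t;
  }
  return null;
}

// Decide what a drop should do. Only an explicit, navigable scheme leads to a
// navigation; a missing or script-bearing scheme is rejected with a reason.
function classifyDrop(uriList) {
  const uri = firstUriFromList(uriList);
  if (uri === null) return { action: "ignore", reason: "empty drop" };
  const scheme = extractScheme(uri);
  if (scheme === null) return { action: "reject", reason: "no scheme" };
  if (SCRIPT_SCHEMES.has(scheme)) {
    return { action: "reject", reason: `script-bearing scheme ${scheme}:` };
  }
  if (NAVIGABLE_SCHEMES.has(scheme)) return { action: "navigate", uri };
  return { action: "reject", reason: `scheme ${scheme}: not allowed from drop` };
}
```

In a real browser this decision belongs in the drop handler of the URL bar, before the dropped text ever reaches the code path that loads a typed URL.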
Exploit / POC
No exploit is required to leverage this issue. The following proof of concept is available; please note that neither the referenced proof of concept nor the website it is hosted on are verified by Symantec.
http://greyhatsecurity.org/vulntests/firefox.htm
Solution / Fix
Solution:
Mandriva has released advisory MDKSA-2005:088 and fixes to address this issue. Please see the referenced advisory for links to fixed packages.
Mandriva has released an updated advisory MDKSA-2005:088-1 and updated fixes to address a bug in the initial release of the fixes. Please see the referenced advisory for links to fixed packages.
HP advisory HPSBUX01133 (SSRT5940 rev.1 - HP-UX Mozilla remote, unauthorized user may execute privileged code) is available to address various issues affecting Mozilla. Please see the referenced advisory for more information.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
References:
- Mozilla Firefox Home Page (Mozilla)
- Mozilla Homepage (Mozilla Foundation)
- Mozilla Firefox 1.0.1 Javascript Images are Draggable (Paul)