Maxthon Web Browser Plug-in API Security ID Information Disclosure Vulnerability
BID:13073
Info
Maxthon Web Browser Plug-in API Security ID Information Disclosure Vulnerability
| Bugtraq ID: | 13073 |
| Class: | Design Error |
| CVE: |
CVE-2005-1091 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 08 2005 12:00AM |
| Updated: | Jul 12 2009 12:56PM |
| Credit: | Discovery of this issue is credited to "Aviv Raff" <[email protected]>. |
| Vulnerable: |
Maxthon Maxthon 1.2.1 Maxthon Maxthon 1.2 |
| Not Vulnerable: | |
Discussion
Maxthon Web Browser Plug-in API Security ID Information Disclosure Vulnerability
It is reported that the Maxthon Web browser is prone to an information disclosure vulnerability. It is reported that Maxthon Plug-in API's are protected with a security ID. Only a website that has knowledge of a Maxthon Plug-in security ID may invoke the plug-in API. However, it is reported that the Side bar
Plug-in stores it's security ID in the Plug-in folder.
It is possible for a remote website to include this file in a script and obtain the Security ID's required to access the API of the Plug-in.
It is reported that the Maxthon Web browser is prone to an information disclosure vulnerability. It is reported that Maxthon Plug-in API's are protected with a security ID. Only a website that has knowledge of a Maxthon Plug-in security ID may invoke the plug-in API. However, it is reported that the Side bar
Plug-in stores it's security ID in the Plug-in folder.
It is possible for a remote website to include this file in a script and obtain the Security ID's required to access the API of the Plug-in.
Exploit / POC
Maxthon Web Browser Plug-in API Security ID Information Disclosure Vulnerability
A proof of concept is available at the following location:
http://www.raffon.net/advisories/maxthon/nosecidpoc.html
A proof of concept is available at the following location:
http://www.raffon.net/advisories/maxthon/nosecidpoc.html
Solution / Fix
Maxthon Web Browser Plug-in API Security ID Information Disclosure Vulnerability
Solution:
It is reported that this vulnerability is addressed in Maxthon version 1.2.2. This is not confirmed. Customers are advised to contact the vendor for further information in regards to obtaining and applying an appropriate fix.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
It is reported that this vulnerability is addressed in Maxthon version 1.2.2. This is not confirmed. Customers are advised to contact the vendor for further information in regards to obtaining and applying an appropriate fix.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Maxthon Web Browser Plug-in API Security ID Information Disclosure Vulnerability
References:
References:
- Maxthon Homepage (Maxthon)