Mozilla Firefox Jar URI Cross-Site Scripting Vulnerability
BID:26385
Info
Mozilla Firefox Jar URI Cross-Site Scripting Vulnerability
| Bugtraq ID: | 26385 |
| Class: | Design Error |
| CVE: |
CVE-2007-5947 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 08 2007 12:00AM |
| Updated: | Apr 13 2015 09:14PM |
| Credit: | Jesse Ruderman is credited with the discovery of this issue. |
| Vulnerable: |
Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 SuSE SUSE Linux Enterprise Server 10 SP1 SuSE Suse Linux Enterprise Desktop 10 SP1 SuSE Linux 10.1 x86-64 SuSE Linux 10.1 x86 SuSE Linux 10.0 x86-64 SuSE Linux 10.0 x86 Slackware Linux 10.2 Slackware Linux 12.0 Slackware Linux 11.0 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 rPath rPath Linux 1 Redhat Fedora 7 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux WS 3 Redhat Enterprise Linux WS 2.1 Redhat Enterprise Linux Optional Productivity Application 5 server Redhat Enterprise Linux ES 4.6.z Redhat Enterprise Linux ES 4.5.z Redhat Enterprise Linux ES 4 Redhat Enterprise Linux ES 3 Redhat Enterprise Linux ES 2.1 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux AS 4.6.z Redhat Enterprise Linux AS 4.5.z Redhat Enterprise Linux AS 4 Redhat Enterprise Linux AS 3 Redhat Enterprise Linux AS 2.1 Redhat Enterprise Linux 5 Server Redhat Desktop 4.0 Redhat Desktop 3.0 Redhat Advanced Workstation for the Itanium Processor 2.1 Netscape Navigator 9.0 1 Netscape Navigator 9.0.0.3 Netscape Navigator 9.0.0.2 Netscape Navigator 9.0 Mozilla SeaMonkey 1.1.6 Mozilla Firefox 2.0 .9 Mozilla Firefox 2.0 .8 Mozilla Firefox 2.0 .7 Mozilla Firefox 2.0 .6 Mozilla Firefox 2.0 .5 Mozilla Firefox 2.0 .4 Mozilla Firefox 2.0 .3 Mozilla Firefox 2.0 .1 Mozilla Firefox 2.0.0.2 Mozilla Firefox 2.0 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 Mandriva Linux Mandrake 2007.1 x86_64 Mandriva Linux Mandrake 2007.1 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Gentoo Linux Foresight Linux Foresight Linux 1.1 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Avaya Messaging Storage Server MM3.0 Avaya Message Networking MN 3.1 Avaya Intuity AUDIX LX 2.0 |
| Not Vulnerable: |
Netscape Navigator 9.0.0.4 Mozilla SeaMonkey 1.1.7 Mozilla Firefox 2.0 .10 |
Discussion
Mozilla Firefox Jar URI Cross-Site Scripting Vulnerability
Mozilla Firefox is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.
An attacker can exploit this issue to steal cookie-based authentication credentials and other sensitive data that may aid in further attacks.
Mozilla Firefox is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.
An attacker can exploit this issue to steal cookie-based authentication credentials and other sensitive data that may aid in further attacks.
Exploit / POC
Mozilla Firefox Jar URI Cross-Site Scripting Vulnerability
An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.
An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.
Solution / Fix
Mozilla Firefox Jar URI Cross-Site Scripting Vulnerability
Solution:
The vendor released an advisory and fixes to address these issues. Please see the references for more information.
Netscape Navigator 9.0
Netscape Navigator 9.0.0.3
Netscape Navigator 9.0.0.2
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0
Mozilla SeaMonkey 1.1.6
Mozilla Firefox 2.0 .6
Mozilla Firefox 2.0 .1
Mozilla Firefox 2.0 .9
Mozilla Firefox 2.0 .5
Mozilla Firefox 2.0 .8
Mozilla Firefox 2.0 .7
Mozilla Firefox 2.0 .3
Netscape Navigator 9.0 1
Solution:
The vendor released an advisory and fixes to address these issues. Please see the references for more information.
Netscape Navigator 9.0
-
Netscape Navigator 9.0.0.4
http://browser.netscape.com/downloads/
Netscape Navigator 9.0.0.3
-
Netscape Navigator 9.0.0.4
http://browser.netscape.com/downloads/
Netscape Navigator 9.0.0.2
-
Netscape Navigator 9.0.0.4
http://browser.netscape.com/downloads/
Mozilla Firefox 2.0.0.2
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Mozilla Firefox 2.0
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Mozilla SeaMonkey 1.1.6
-
Mozilla SeaMonkey 1.1.7 (Linux)
http://download.mozilla.org/?product=seamonkey-1.1.6&os=linux&lang=en- US -
Mozilla SeaMonkey 1.1.7 (Mac OS X)
http://download.mozilla.org/?product=seamonkey-1.1.6&os=osx&lang=en-US -
Mozilla SeaMonkey 1.1.7 (Windows)
http://download.mozilla.org/?product=seamonkey-1.1.6&os=win&lang=en-US
Mozilla Firefox 2.0 .6
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Mozilla Firefox 2.0 .1
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Mozilla Firefox 2.0 .9
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Mozilla Firefox 2.0 .5
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Mozilla Firefox 2.0 .8
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Mozilla Firefox 2.0 .7
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Mozilla Firefox 2.0 .3
-
Mozilla Firefox 2.0.0.10 (Linux)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &linux=win&lang=af -
Mozilla Firefox 2.0.0.10 (Mac OS X)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &osx=win&lang=af -
Mozilla Firefox Setup 2.0.0.10.exe (Windows)
http://www.mozilla.com/products/download.html?product=firefox-2.0.0.10 &os=win&lang=af
Netscape Navigator 9.0 1
-
Netscape Navigator 9.0.0.4
http://browser.netscape.com/downloads/
References
Mozilla Firefox Jar URI Cross-Site Scripting Vulnerability
References:
References:
- (jarxss2) �?? Sort out jar: behavior on HTTP redirects (Mozilla)
- What's New in Netscape Navigator 9.0.0.4 (Netscape)
- ASA-2007-492 - seamonkey security update (RHSA-2007-1084) (Avaya)
- ASA-2007-494 - Firefox security update (RHSA-2007-1082) (Avaya)
- Cisco NX-OS Software TACACS+ Command Authorization Vulnerability (Cisco)
- jar: protocol is an XSS hazard due to ignoring mime type and being considered sa (Jesse Ruderman)
- MDKSA-2007:246 - mozilla-firefox (Mandriva)
- MFSA 2007-37 jar: URI scheme XSS hazard (Mozilla)
- Mozilla Firefox jar URI cross-site scripting vulnerability (US-CERT)
- Red Hat Linux Security Advisory RHSA-2007:1084-8 (Red Hat)
- RHSA-2007:1082-5 - Critical: firefox security update (Red Hat)
- RHSA-2007:1083-5 thunderbird security update (Red Hat)
- Web Mayhem: Firefox�??s JAR: Protocol issues (GNUCITIZEN)