SillyDog701 Message Centre

[J-M]

Secunia reported today about Mozilla / Mozilla Firefox Frame Injection Vulnerability (affecting to Camino too) at

http://secunia.com/advisories/15601/ .

They have a separate test page to confirm this issue located at
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/

This has been discussed as SD701 earlier (this is a new version of http://secunia.com/advisories/11978/ from July, 2004.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.7) Gecko/20050414 Firefox/1.0.3

[Antony]

J-M,

Thanks for reporting. Safari is safe I hope.

UserAgent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/412 (KHTML, like Gecko) Safari/412

---

MozInfo701 | MacCentre701 | AntBlog701 | don't steal music.

[ryantologyistheway]

Of course Safari would be safe from that, I'm sure there's a way to spoof Safari though as there's no way you can program something as complicated as a web browser without there being flaws.

But since Safari's usage share is well below a quarter percent, I'm sure nobody has bothered to figure that one out yet.

UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

[Betuaelmon]

I've tested Firefox and it's true if (you use different windows of Firefox)

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050519 Netscape/8.0.1

[DJGM]

[J-M]

According to the Secunia's previous report, SA11978 released on 1st July, 2004:

[J-M]

Now when we have one new 'Unpatched' issue in Firefox 1.0.4 and Suite 1.7.8, we have a working workaround too.

[ryantologyistheway]

[Antony]

[akbash]

The reappearance of this bug is a regression caused by a fix for another bug. And bad QA, one might be inclined to think One would also expect its reappearance to be entirely confined to Mozilla products, including the Firefox haunches of the Netscape 8 chimera. I don't think it's a very serious bug myself, but Mozilla are on it. There's a bug filed, and it's been determined to be necessary for Firefox 1.0.5.

About workarounds, there is also another. I'm not entirely certain this works in all cases, but Secunia's testcase fails if you have Firefox set to open new windows in tabs. The vulnerability itself is pretty contrived. A malignant site wanting to take advantage of this bug has to know that you have an important site open in another window, and it has to know details of that site. Practically speaking I don't see how this could ever be a problem unless you accept an invitation from some random site to open a new window to a secure site where you keep important information. So don't do that.

I don't mean to downplay the bug completely. It could and probably will catch someone unawares. But to fall for this, your personal paranoia dimmer switch has to be set on "night light."

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b2) Gecko/20050530 Firefox/1.0+

[J-M]

[J-M]

Firefox bitten by spoofing flaw, says ZDNet UK News (again).

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.7) Gecko/20050414 Firefox/1.0.3

[Fulvio]

akbash, you made some good points, and I like your conclusion:

[Betuaelmon]

If you use NS 8 with IE 6 engine whitout SP has got the same vulnerability as
Firefox 1.0.4, but with IE 6 SP 2 all is ok. True or false?

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050519 Netscape/8.0.1

[Don_HH2K]