| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 18 Apr 2006 14:38:34 -0000 From: miky@...il.com To: bugtraq@...urityfocus.com Subject: Another flaw in Firefox 1.5.0.2: to open files from remote https://bugzilla.mozilla.org/show_bug.cgi?id=334341 It is possible by a malicious web site to open local content in the browser by tricking a user into right-clicking and choosing "View Image" on a broken image, which is referencing a local resource (e.g. via the file: URI handler). This may be exploited in combination with other vulnerabilities. The weakness has been confirmed in version 1.5.0.2. Other versions may also be affected. User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2 A bug has been discovered by myself(TeamOverload) in Firefox 1.5.0.2(other versions are probably affected too). Through a specially crafted webpage you can have any file be disguised as an image. If you then right click-view image, the file will attempt to download or just run if it is on the bypass list. Some extensions such as .wma are defaulted like that and a malformed wma can be loaded just by going to view image. Other websites can be loaded this way as well. Reproducible: Always Steps to Reproduce: 1.Download attached archive that causes problem 2.Launch web page, and right click and choose show image on both 3.First image should open WindowsMediaPlayer and the second should go to a different web page. Actual Results: Both WMP and the alternate web page opened.
Powered by blists - more mailing lists