lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <46C517DA.7000909@secniche.org>
Date: Thu, 16 Aug 2007 20:36:58 -0700
From: Aditya K Sood <zeroknock@...niche.org>
To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com,
	websecurity@...appsec.org, "Steven M. Christey" <coley@...re.org>
Subject: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and
 Dos Vulnerability

Advisory : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos 
Vulnerability

Dated : 15 August 2007

Severity : Critical

Explanation :

The vulnerability persists in the popup blocker functioning to allow 
specific websites to execute
popup in the running instance of Internet Explorer. An attacker can 
easily exploits it by enabling
a browser to run a malicious script in the context of Internet Explorer. 
The script manipulates the
registry entries for specific websites through Javascript. It adds fake 
or malicious websites as an
allowed websites in the pop up blocker. The cause user visiting a 
untrusted website or any othe
malicious cause.

Detail Advisory :
http://www.secniche.org/advisory/Internet_Pop_Phish_Dos_Adv.pdf
http://www.secniche.org/adv.html


Proof of Concept : Level 1 Infection Test
http://www.secniche.org/misc/ie_pop_by_level1_test.zip

Test run fine locally as well with Web server [IIS] automated server 
object calling. Infection
through Active X Object.

Regards
AKS aka 0kn0ck
http://www.secniche.org


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ