Message-ID: <003b01c9fb63$8af2ecc0$010000c0@ml>
Date: Fri, 3 Jul 2009 01:21:57 +0300
From: "MustLive" <mustlive@...security.com.ua>
To: <bugtraq@...urityfocus.com>
Subject: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome

Hello SecurityFocus!

I want to warn you about Cross-Site Scripting vulnerabilities in Mozilla,
Internet Explorer, Opera and Chrome. I wrote about it at my site this Monday
(29.06.2009) and also informed corresponding browsers developers about this
vulnerability.

At 21.04.2009 there was fixed vulnerability in Firefox 3.0.9
(http://www.mozilla.org/security/announce/2009/mfsa2009-22.html), which
allowed to conduct XSS attacks via Refresh header. And as I checked, this
attack is also working in Mozilla, IE6, Opera and Chrome.

XSS:

With request to script at web site:

http://site/script.php?param=javascript:alert(document.cookie)

Which returns in answer the refresh header:

refresh: 0; URL=javascript:alert(document.cookie)

The code will work in context of this site.

Vulnerable version is Mozilla 1.7.x and previous versions.

Vulnerable version is Mozilla Firefox 3.0.8 and previous versions.

Vulnerable version is Internet Explorer 6 (6.0.2900.2180) and previous
versions. And potentially next versions (IE7 and IE8).

Vulnerable version is Opera 9.52 and previous versions (and potentially next
versions too).

Vulnerable version is Google Chrome 1.0.154.48 and previous versions (and
potentially next versions too).

I mentioned about this vulnerability at my site 
(http://websecurity.com.ua/3275/).

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua 


!DSPAM:4a4d326b156009547910959!

Powered by blists - more mailing lists