lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: lazy at server.gwsh.gda.pl (lazy@...ver.gwsh.gda.pl) Subject: Re: Gadu-Gadu, another two bugs On Fri, Dec 17, 2004 at 11:23:38AM +0100, Jaroslaw Sajko wrote: > Product: Gadu-Gadu, build 155 and older > Vendor: SMS-EXPRESS.COM (http://www.gadu-gadu.pl) > Impact: Script execution in local zone, > Remote DoS > Severity: High > Authors: Blazej Miga <bla@....poznan.pl>, > Jaroslaw Sajko <sloik@....poznan.pl> > Date: 17/12/04 ... > [DETAILS] > > Bug 1. > Parsing error. We can send a malicious string which has an url inside. > This url can be a javascript code for example or reference to such a code. > Code will execute when the window with message pops up. Code will execute > in LOCAL ZONE! Works also with older versions. > > Example: > > Send such a string to any receipent: > www.po"style=background-image:url(javascript:document.write('%3cscript%3ealert%28%22you%20are%20owned!%22%29%3c%2fscript%3e'));".pl > tlen.pl - another polish IM was also vulunerable to Bug1 they fixed it in 5.23.4.2 and (as I was told) they now block it on the servers, but you can check it locally on your own client __ Regards, Michal Grzedzicki
Powered by blists - more mailing lists