TITLE:
Multiple Browsers Frame Injection Vulnerability
SECUNIA ADVISORY ID:
SA11978
RELEASE DATE:
2004-07-01
VERIFY ADVISORY:
http://secunia.com/advisories/11978/
CRITICAL:
Moderately critical
WHERE:
From remote
IMPACT:
Spoofing
SOFTWARE:
Internet Explorer 5.x for Mac
Konqueror 3.x
Mozilla 0.x
Mozilla 1.0
Mozilla 1.1
Mozilla 1.2
Mozilla 1.3
Mozilla 1.4
Mozilla 1.5
Mozilla 1.6
Mozilla Firefox 0.x
Netscape 6.x
Netscape 7.x
Opera 5.x
Opera 6.x
Opera 7.x
Safari 1.x
DESCRIPTION:
A 6 year old vulnerability has been discovered in multiple browsers, allowing malicious people to spoof the content of websites.
The problem is that the browsers don't check if a target frame belongs to a website containing a malicious link, which therefore doesn't prevent one browser window from loading content in a named frame in another window.
Successful exploitation allows a malicious website to load arbitrary content in an arbitrary frame in another browser window owned by e.g. a trusted site.
Secunia has constructed a test, which can be used to check if your browser is affected by this issue:
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
The vulnerability has been confirmed in the following browsers:
* Opera 7.51 for Windows
* Opera 7.50 for Linux
* Mozilla 1.6 for Windows
* Mozilla 1.6 for Linux
* Mozilla Firebird 0.7 for Linux
* Mozilla Firefox 0.8 for Windows
* Netscape 7.1 for Windows
* Internet Explorer for Mac 5.2.3
* Safari 1.2.2
* Konqueror 3.1-15redhat
Other versions may also be affected.
The vulnerability also affects Internet Explorer:
SA11966
SOLUTION:
Do not browse untrusted sites while browsing trusted sites.
The following browsers are not affected:
* Mozilla Firefox 0.9 for Windows
* Mozilla Firefox 0.9.1 for Windows
* Mozilla 1.7 for Windows
* Mozilla 1.7 for Linux
REPORTED BY CREDITS:
Reported in Mozilla browser by:
Gary McKay
OTHER REFERENCES:
SA11966:
http://secunia.com/advisories/11966/
Multiple Browsers Frame Injection Vulnerability
SECUNIA ADVISORY ID:
SA11978
RELEASE DATE:
2004-07-01
VERIFY ADVISORY:
http://secunia.com/advisories/11978/
CRITICAL:
Moderately critical
WHERE:
From remote
IMPACT:
Spoofing
SOFTWARE:
Internet Explorer 5.x for Mac
Konqueror 3.x
Mozilla 0.x
Mozilla 1.0
Mozilla 1.1
Mozilla 1.2
Mozilla 1.3
Mozilla 1.4
Mozilla 1.5
Mozilla 1.6
Mozilla Firefox 0.x
Netscape 6.x
Netscape 7.x
Opera 5.x
Opera 6.x
Opera 7.x
Safari 1.x
DESCRIPTION:
A 6 year old vulnerability has been discovered in multiple browsers, allowing malicious people to spoof the content of websites.
The problem is that the browsers don't check if a target frame belongs to a website containing a malicious link, which therefore doesn't prevent one browser window from loading content in a named frame in another window.
Successful exploitation allows a malicious website to load arbitrary content in an arbitrary frame in another browser window owned by e.g. a trusted site.
Secunia has constructed a test, which can be used to check if your browser is affected by this issue:
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
The vulnerability has been confirmed in the following browsers:
* Opera 7.51 for Windows
* Opera 7.50 for Linux
* Mozilla 1.6 for Windows
* Mozilla 1.6 for Linux
* Mozilla Firebird 0.7 for Linux
* Mozilla Firefox 0.8 for Windows
* Netscape 7.1 for Windows
* Internet Explorer for Mac 5.2.3
* Safari 1.2.2
* Konqueror 3.1-15redhat
Other versions may also be affected.
The vulnerability also affects Internet Explorer:
SA11966
SOLUTION:
Do not browse untrusted sites while browsing trusted sites.
The following browsers are not affected:
* Mozilla Firefox 0.9 for Windows
* Mozilla Firefox 0.9.1 for Windows
* Mozilla 1.7 for Windows
* Mozilla 1.7 for Linux
REPORTED BY CREDITS:
Reported in Mozilla browser by:
Gary McKay
OTHER REFERENCES:
SA11966:
http://secunia.com/advisories/11966/
