errr/ So that attack could allow an attacker to annoy millions of people with email client popups when they receive an email/visit facebook.
it's important to note that the attack was in a redirection, so it's asuming the website ensured that the starting URL was https?:// -- Eduardo On Sat, Jun 12, 2010 at 6:00 PM, Eduardo Vela <[email protected]> wrote: > MustLive > > Since I saw you mentioned > http://www.mozilla.org/security/announce/2010/mfsa2010-23.html I think > it would be important for you to know the difference between that > vulnerability and yours. > > The reason that was fixed, was because it's generally considered safe > to embed images pointing off site, and is acceptable to consider it's > generally safe (with a few exceptions like referrer leaking, and basic > auth prompts), and a lot of websites, and online applications, like > gmail, or facebook to mention a few do it. So that attack could allow > an attacker to annoy millions of people with iframes when they receive > an email/visit facebook. > > That was considered risky enough to make a fix, but still was > considered low risk. > > All of your attacks with URI schemes are not exploitable this way, and > are completely useless for that matter, I would recommend you to think > "could this attack be exploited in mass? would it make people loss > money/time?" before making more of those advisories. > > Greetings > > -- Eduardo > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
