Interesting they state "use another browser" the same way many state about IE!
-------------------------------------------

SECUNIA ADVISORY ID:
SA14206

VERIFY ADVISORY:
http://secunia.com/advisories/14206/

CRITICAL:
Less critical

IMPACT:
Security Bypass, Cross Site Scripting, Manipulation of data

WHERE:
From remote

SOFTWARE:
Netscape 7.x
http://secunia.com/product/85/

DESCRIPTION:
mikx has discovered three vulnerabilities in Netscape, which can be exploited by malicious people to plant malware on a user's system, conduct cross-site scripting attacks and bypass certain security restrictions.

1) Netscape validates an image against the "Content-Type" HTTP header, but uses the file extension from the URL when saving an image after a drag and drop event. This can e.g. be exploited to plant a valid image with an arbitrary file extension and embedded script code (e.g. .bat file) on the desktop by tricking a user into performing a certain drag and drop event.

2) Missing URI handler validation when dragging a "javascript:" URL to another tab can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an arbitrary site by tricking a user into dragging a malicious link to another tab.

3) An error in the restriction of URI handlers loaded via plugins can be exploited to link to certain restricted URIs (e.g. about:config). This can further be exploited to trick a user into changing some sensitive configuration settings.

The vulnerabilities have been confirmed in version 7.2. Other versions may also be affected.

SOLUTION:
Use another browser.

ORIGINAL ADVISORY:
1) http://www.mikx.de/index.php?p=8
2) http://www.mikx.de/index.php?p=9
3) http://www.mikx.de/index.php?p=10
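Item 1 of the advisory comes down to two different sources of truth: the "Content-Type" header decides whether the data is accepted as an image, while the URL decides the extension of the saved file. The sketch below is an added example, not code from the advisory or from Netscape; the function names, the type table and the sample URL are hypothetical. It puts that naming pattern beside a hardened one in which a single validated type drives both decisions.

```javascript
// Added illustration: choosing the on-disk name for an image saved from the web.
// Accepted image types, their magic bytes, and the extension we will write.
const IMAGE_TYPES = new Map([
  ['image/gif',  { ext: '.gif', magic: [0x47, 0x49, 0x46, 0x38] }],  // "GIF8"
  ['image/png',  { ext: '.png', magic: [0x89, 0x50, 0x4e, 0x47] }],  // "\x89PNG"
  ['image/jpeg', { ext: '.jpg', magic: [0xff, 0xd8, 0xff] }],
]);

// Last path segment of the URL, exactly as the server or page author wrote it.
function urlBasename(url) {
  return new URL(url).pathname.split('/').pop();
}

// Pattern described in item 1: the header gates acceptance, the URL names the file.
function nameFromUrl(url, contentType) {
  if (!IMAGE_TYPES.has(contentType)) return null;
  return urlBasename(url); // extension is attacker-influenced
}

// Hardened pattern: the declared type must match the bytes, and the extension
// is taken from that validated type, never from the URL.
function nameFromValidatedType(url, contentType, body) {
  const type = String(contentType || '').split(';')[0].trim().toLowerCase();
  const info = IMAGE_TYPES.get(type);
  if (!info) return null;                                   // not an accepted image type
  if (!info.magic.every((b, i) => body[i] === b)) return null; // header and bytes disagree
  // Keep a conservative stem and discard whatever extension the URL supplied.
  const stem = urlBasename(url)
    .replace(/\.[^.]*$/, '')
    .replace(/[^A-Za-z0-9_-]/g, '_') || 'image';
  return stem + info.ext;
}

// Constructed sample: bytes starting with a valid GIF header ("GIF89a"),
// served from a URL whose path ends in .bat.
const SAMPLE_URL = 'http://example.test/img/picture.bat';
const SAMPLE_BODY = Uint8Array.from([0x47, 0x49, 0x46, 0x38, 0x39, 0x61]);

console.log('URL-derived name: ', nameFromUrl(SAMPLE_URL, 'image/gif'));
console.log('type-derived name:', nameFromValidatedType(SAMPLE_URL, 'image/gif', SAMPLE_BODY));
```

The magic-byte comparison only confirms that the header and the leading bytes agree; it does not show that the rest of the file is free of appended content, which is why the extension, not the content check, is what keeps the saved file from being treated as a script.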
