Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16031
HistoryFeb 12, 2007 - 12:00 a.m.

[Full-disclosure] Firefox/MSIE focus stealing vulnerability - clarification

2007-02-1200:00:00
vulners.com
13
JSON

After some research, I can offer this clarification:

1) The MSIE 7 attack vector I described is a distinctive, new
vulnerability that differs from the attack reported by Charles
McAuley and Bart van Arnhem. Attacks described by them were
fixed in MSIE7 (although MSIE6 is still exposed to the original
flaw).

 My vulnerability attacks the same form control, but in a different
 manner. Again, the demo for this vulnerability is here:
 http://lcamtuf.coredump.cx/focusbug/ieversion.html

2) The Firefox attack vector is related to the Charles' CVE-2006-2894,
which in turn was a rediscovery of a problem known to Mozilla since
2000 (!); attempts to fix it in official releases failed because the
problem was repeatedly marked as a duplicate of a too narrowly
defined issue with control hiding. A broader redesign probably
eliminated the issue in development branches, but it still affects
Firefox 1.5 and 2.0.

 This can be considered an independent rediscovery and a more
 practical demonstration of a previously reported vulnerability.
 The exploit is here: http://lcamtuf.coredump.cx/focusbug/index.html

Regards,
/mz

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Related

ubuntucve 1
securityvulns 3
prion 1
cve 1
mozilla 1
debian 3
nessus 15
openvas 11
osv 3
ubuntu 2
suse 1
ubuntucve
ubuntucve
CVE-2006-2894
2006-06-07 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer / Mozilla Firefox user input hijacking
2007-02-12 00:00:00
Mozilla Foundation Security Advisory 2007-32
2007-10-23 00:00:00
Mozilla Firefox /Thunderbird / Seamonkey multiple security vulnerabilities
2007-10-23 00:00:00
prion
prion
Unrestricted file upload
2006-06-07 10:02:00
cve
cve
CVE-2006-2894
2006-06-07 10:02:00
mozilla
mozilla
File input focus stealing vulnerability — Mozilla
2007-10-18 00:00:00
debian
debian
[SECURITY] [DSA 1392-1] New xulrunner packages fix several vulnerabilities
2007-10-20 11:56:10
[SECURITY] [DSA 1401-1] New iceape packages fix several vulnerabilities
2007-11-05 23:44:32
[SECURITY] [DSA 1396-1] New iceweasel packages fix several vulnerabilities
2007-10-27 11:54:56
nessus
nessus
Debian DSA-1396-1 : iceweasel - several vulnerabilities
2007-10-30 00:00:00
Debian DSA-1392-1 : xulrunner - several vulnerabilities
2007-10-25 00:00:00
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-536-1)
2007-11-10 00:00:00
openvas
openvas
Debian Security Advisory DSA 1401-1 (iceape)
2008-01-17 00:00:00
Debian Security Advisory DSA 1396-1 (icedove)
2008-01-17 00:00:00
Debian Security Advisory DSA 1392-1 (xulrunner)
2008-01-17 00:00:00
osv
osv
xulrunner - several vulnerabilities
2007-10-20 00:00:00
iceape - several vulnerabilities
2007-11-05 00:00:00
iceweasel
2007-10-27 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2007-10-23 00:00:00
Firefox vulnerabilities
2007-10-22 00:00:00
suse
suse
remote code execution in MozillaFirefox,mozilla,seamonkey
2007-10-25 18:13:14
JSON
Related for SECURITYVULNS:DOC:16031
ubuntucve1securityvulns3prion1cve1mozilla1debian3nessus15openvas11osv3ubuntu2suse1