20 Sep 2007
Mozilla has issued a new fix for a Firefox vulnerability which it had supposedly patched in July.
The vulnerability lies in the way Firefox handles JavaScript code in QuickTime files, such as .mov and .mp3. Malicious code could be disguised as a media file which would be launched in Firefox via QuickTime.
The code would then be able to run with the privileges of the current user, possibly leading to a malware installation or data theft.
The flaw was originally reported in July as a cross-browser attack between Internet Explorer and Firefox. Mozilla reacted quickly, issuing a fix four days later.
However, security researcher Petko D. Petkov found that neither Apple nor Mozilla had completely plugged the hole, and that Firefox remained vulnerable to a serious attack. Petkov posted code and working samples of the attack in a blog entry.
Mozilla noted that the latest fix will prevent attackers from executing the commands that could allow for full system access and remote code execution.
But the company warned that the QuickTime issue remains, and that the flaw could still be used to flood users with pop-ups and dialogue boxes.
Spokespersons for Apple did not immediately return a request for comment. The company does not normally discuss security issues until a fix has been released.
Petkov said that Internet Explorer 7 was also found to be vulnerable, but noted that the browser's security controls limit the effectiveness of the attack. Internet Explorer 6 is not affected.
Do you agree?
Getting it Right
Firefox is without a doubt the best web browser ever made, but it does have one additional problem they don't seem to care about: Flash transparencies don't work in Linux-Firefox like they do in Windows-Firefox... Hoping for a fix someday, Xav
Posted by: Xavior 21 Sep 2007
Some correction...
I see some minor factual errors in the report; here are the corrections.
"The vulnerability lies in the way Firefox handles JavaScript code in QuickTime files"
No. The vulnerability lies in how QuickTime passes its qtnext parameter to the default browser in a non-standard way. Apparently QuickTime is not doing as mentioned in its advisory page.
"The flaw was originally reported in July"
It is only similar but not the same, and per PDP the flaw was reported to Apple one year back. The cross-browser flaw was calling the default browser in the standard way but not sanitizing the URL using the URI escape() function in the browser. Example: insecure escape("a.htm |code.js") should convert to a safe "a.htm%20%7Ccode.js"
"Internet Explorer 6 is not affected."
All web browsers on the Windows platform are affected, but not dangerously. Test with any browser. It will pop up a window if you have installed QuickTime on your PC. The sample code can be easily converted to show an HTML popup window advertisement, i.e., a tricky way to bypass any installed popup blocker.
Posted by: BijuGC 20 Sep 2007
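The escaping step BijuGC's comment describes, sketched as an added JavaScript example (not code from the article, Mozilla or Apple): a URL received from another application is percent-encoded and scheme-checked before it is handed to the browser. The function names, the http/https allowlist and the sample inputs are assumptions made for illustration, and the encoder is written out here instead of relying on the legacy escape() function.

```javascript
// Added example; names, allowlist and sample inputs are constructed.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]); // assumption: web links only

// Percent-encode (as UTF-8) every character outside the RFC 3986 reserved and
// unreserved sets, the single quote (treated as unsafe here), and any "%"
// that does not start a valid %XX escape.
function percentEncodeUnsafe(s) {
  const unsafe = /%(?![0-9A-Fa-f]{2})|[^A-Za-z0-9\-._~:\/?#\[\]@!$&()*+,;=%]/gu;
  return s.replace(unsafe, (ch) =>
    Array.from(new TextEncoder().encode(ch), (b) =>
      "%" + b.toString(16).toUpperCase().padStart(2, "0")).join(""));
}

// Validate a URL that is about to be passed to another program.
// Returns { ok: true, url } with the encoded URL, or { ok: false, reason }.
function sanitizeHandoffUrl(raw) {
  if (typeof raw !== "string" || /[\u0000-\u001f\u007f]/.test(raw)) {
    return { ok: false, reason: "control character in URL" };
  }
  const encoded = percentEncodeUnsafe(raw.trim());
  let parsed;
  try {
    parsed = new URL(encoded); // throws on relative or malformed input
  } catch {
    return { ok: false, reason: "not an absolute URL" };
  }
  if (!ALLOWED_SCHEMES.has(parsed.protocol)) {
    return { ok: false, reason: "scheme not allowed: " + parsed.protocol };
  }
  return { ok: true, url: encoded };
}

// Constructed sample inputs.
for (const sample of ["http://media.example/a.htm |code.js", "javascript:void(0)", "a.htm"]) {
  console.log(JSON.stringify(sample), "->", JSON.stringify(sanitizeHandoffUrl(sample)));
}
```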