[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 583/04 - Multiple vulnerabilities in various tabbed web browsers



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 583/04 dated 21.10.04  Time: 15:40  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Multiple vulnerabilities in various tabbed web browsers


Detail
====== 


Secunia have advised that two vulnerabilities exist in many web
browsers that support multiple tabs in a single window.



- - --------------------------BEGIN INCLUDED TEXT--------------------

PROBLEM:

	Secunia have advised [1] that two vulnerabilities exist in many web
	browsers that support multiple tabs in a single window.

	This vulnerability may be exploited if a user has a malicious site 
	open in one tab and at the same time visits a trusted site in another
	tab.  The malicious site has the opportunity to capture information
	from the trusted site in two different ways:  

	1) A user is presented with a dialogue box that appears to have 
	   originated from a trusted web site, but has in fact originated from
	   a malicious site loaded in another tab.

	2) A malicious web site loaded in one tab can intercept data being
	   entered into a form in another tab, such as a login form.

VERSIONS:

	Current and prior versions of the following browsers may affected by 
	one or both of these vulnerabilities.

	Mozilla 1.7.3
	Mozilla Firefox 0.10.1
	Camino 0.8
	Opera 7.54
	Konqueror 3.2.2-6
	Netscape 7.2
	Avant Browser 9.02 build 101
	Avant Browser 10.0 build 029
	Maxthon (MyIE2) 1.1.039

	Internet Explorer does not support tabbed browsing, and is therefore
	not vulnerable to this exploit.

IMPACT:

	Malicious web sites may be able to capture details from trusted web
	sites, such as authentication details, or present requests for data
	that appear to be from a trusted site.

MITIGATION:

	Check with your web browser's vendor for patches to fix this
	vulnerability.  Until patches are released for the browsers affected,
	a workaround is to avoid having trusted sites open at the same time
	as untrusted sites in different tabs.  Ideally, while a trusted site
	(e.g. electronic banking) is being used, no other tabs or browser
	windows	should be open.

REFERENCES:

	[1] http://secunia.com/secunia_research/2004-10/advisory/

- - --------------------------END INCLUDED TEXT--------------------

- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Secunia for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQXfKAopao72zK539AQHp0gQAtJ+50ARmCtMUDJprFCYi2GQQrCVNQVcL
SqRLd0X8cqjp6TuFIDd12wQOQNToeqXd5Sr9h8jl5I7MFOIfPpXD6+YXe4nDdi9s
ElVlKnpprHONBo8UkWYYualt6iocEBbI4aMy7s9dpWXZGoQYsX9F0kCg0TqeGIRU
yB2W0zR/20s=
=G2/o
-----END PGP SIGNATURE-----