Zero-day flaws affect Firefox, IE

By Bill Brenner, Senior News Writer 05 Jun 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Vulnerability researcher Michael Zalewski has published details of four new zero-day flaws in Firefox and Internet Explorer (IE) that could be exploited to log keystrokes, download malware and steal cookies.

Zalewski published his findings on Full Disclosure, a mailing list hosted by Danish vulnerability clearinghouse Secunia.

The first flaw affects IE 6 and 7. "When Javascript code instructs IE 6/7 to navigate away from a page that meets same-domain origin policy (and hence can be scripturally-accessed and modified by the attacker) to an unrelated third-party site, there is a window of opportunity for concurrently executed Javascript to perform actions with the permissions for the old page, but actual content for the newly loaded page," Zalewski wrote.

Firefox also contains a Javascript flaw, according to Zalewski. "Javascript can be used to inject malicious code, including key-snooping event handlers, on pages that rely on IFRAMEs to display contents or store state data [and] communicate with the server," Zalewski wrote.

Firefox also contains a flaw that could be exploited on certain confirmation dialogs. "A sequence of blur/focus operations can be used to bypass delay timers implemented on certain Firefox confirmation dialogs, possibly enabling the attacker to download or run files without user's knowledge or consent," Zalewski wrote.

The fourth flaw affects IE 6 and allows malicious Web sites to spoof URL bar data. IE7 is not affected because of certain high-level changes in the browser, the researcher noted.

The issues are serious enough that the Bethesda, Md.-based SANS Internet Storm Center (ISC) issued an alert on its Web site.

The new flaws come less than a week after Mozilla updated Firefox to fix a number of other security flaws. Mozilla warned attackers could exploit those flaws to access sensitive information, cause a denial of service or run malicious code on targeted machines.

Tags: Web Browser Security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Web Browser Security Microsoft fixes security update that breaks Internet Explorer Mozilla update repairs Firefox buffer overflow vulnerabilities Kaspersky system analyzes malicious URLs on Twitter for malware Silon malware intercepts Internet Explorer sessions, steals credentials Do Facebook URL security concerns justify blocking social networks? Phishing attacks to remain a major problem, say security experts Adrian Perrig: Improve SSL/TLS Security Through Education and Technology New Bahama botnet evades search engines, fuels click fraud SANS: Application threats, website flaws pose biggest security threats Mozilla helps Adobe push out faster patches Web Browser Security Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary browser hijacker  (SearchSecurity.com) cache cramming  (SearchSecurity.com) cache poisoning  (SearchSecurity.com) honey monkey  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) NCSA  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary