PDA

Просмотр полной версии : file upload widgets in IE and Firefox have issues



Shu_b
07.06.2006, 08:30
file upload widgets in IE and Firefox have issues
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html

Firefox File Upload Form Keystroke Event Cancel Vulnerability
http://secunia.com/advisories/20442/
Release Date: 2006-06-06
Critical: Less critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Unpatched
Software:
Mozilla Firefox 1.x
Mozilla SeaMonkey 1.x
Mozilla 1.7.x
Netscape 8.x

Description:
Charles McAuley has reported a vulnerability in Firefox, which can be exploited by malicious people to trick users into disclosing sensitive information.

The vulnerability is caused due to a design error where a script can cancel certain keystroke events when entering text. This can be exploited to trick a user into typing a filename in a file upload input field by changing focus and cancel the "OnKeyPress" JavaScript event on certain characters.

Successful exploitation allows an arbitrary file on the user's system to be uploaded to a malicious web site, but requires that the user types a text containing the characters of the filename.

The vulnerability has been confirmed in version 1.5.0.4. Other versions may also be affected.

Solution:Disable JavaScript support.
Do not enter suspicious text when visiting untrusted web sites.


Internet Explorer File Upload Form Keystroke Event Cancel Vulnerability
http://secunia.com/advisories/20449/
Release Date: 2006-06-06
Critical: Less critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Unpatched
Software: Microsoft Internet Explorer 6.x

Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to trick users into disclosing sensitive information.

The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected.

Solution: Disable Active Scripting support.
Do not enter suspicious text when visiting untrusted web sites.

Shu_b
07.06.2006, 13:03
Раскрытие данных в различных браузерах
http://www.securitylab.ru/vulnerability/268654.php
Программа:
Mozilla Firefox 1.5.0.4 и более ранние версии
Mozilla Suite 1.7.13 и более ранние версии
Mozilla SeaMonkey 1.0.2 и более ранние версии
Microsoft Internet Explorer 6.x
Netscape 8.1 и более ранние версии
Опасность: Низкая
Наличие эксплоита: Да

Описание:
Уязвимость позволяет удаленному пользователю получить доступ к важным данным.

Уязвимость существует из-за ошибки дизайна, когда сценарий может отменить определенные события нажатия клавиш во время ввода текста. Злоумышленник может обманом заставить пользователя ввести имя файла в поле формы для загрузки файлов путем изменения фокуса и вызова JavaScript функции "OnKeyPress". Удачная эксплуатация уязвимости позволит злоумышленнику загрузить произвольные файлы на Web сервер.

Решение: Способов устранения уязвимости не существует в настоящее время.