Full Disclosure mailing list archives
Firefox/MSIE focus stealing vulnerability - clarification
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Mon, 12 Feb 2007 00:01:56 +0100 (CET)
After some research, I can offer this clarification: 1) The MSIE 7 attack vector I described is a distinctive, new vulnerability that differs from the attack reported by Charles McAuley and Bart van Arnhem. Attacks described by them were fixed in MSIE7 (although MSIE6 is still exposed to the original flaw). My vulnerability attacks the same form control, but in a different manner. Again, the demo for this vulnerability is here: http://lcamtuf.coredump.cx/focusbug/ieversion.html 2) The Firefox attack vector is related to the Charles' CVE-2006-2894, which in turn was a rediscovery of a problem known to Mozilla since 2000 (!); attempts to fix it in official releases failed because the problem was repeatedly marked as a duplicate of a too narrowly defined issue with control hiding. A broader redesign probably eliminated the issue in development branches, but it still affects Firefox 1.5 and 2.0. This can be considered an independent rediscovery and a more practical demonstration of a previously reported vulnerability. The exploit is here: http://lcamtuf.coredump.cx/focusbug/index.html Regards, /mz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Firefox focus stealing vulnerability (possibly other browsers), (continued)
- Re: Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 11)
- Re: Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 11)
- Re: Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 11)
- Re: Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 11)
- Re: Firefox focus stealing vulnerability (possibly other browsers) Ben Bucksch (Feb 11)
- Re: Firefox focus stealing vulnerability (possibly other browsers) Paul Szabo (Feb 11)
- Re: Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 11)
- Message not available
- Re: Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
- Re: Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
- Re: Firefox/MSIE focus stealing vulnerability - clarification Marcello Barnaba (Feb 12)
- Re: Firefox/MSIE focus stealing vulnerability - clarification Ruud H.G. van Tol (Feb 12)
- Re: Firefox/MSIE focus stealing vulnerability - clarification Tyop? (Feb 12)
- Re: Firefox/MSIE focus stealing vulnerability - clarification Marcello Barnaba (Feb 12)