Full Disclosure mailing list archives
RE: Disclosure of local file content in Mozilla Firefox and Opera
From: "Giovanni Delvecchio" <badpenguin79 () hotmail com>
Date: Mon, 06 Dec 2004 23:50:35 +0000
Which you wrote is correct, indeed i have specified in my message:
Anyway it cannot be exploited "directly" by a remote site, but only if the page is opened from a local path ( file://localpath/code.htm), since the iframe belongs to a local domain.Note: with Internet Explorer these PoCs doesn't work even in local.
My target was explain how a remote user could take advantage by this feature.
I illustrated also a possible method of remote exploitation.But at this point i have a question: if it is a normal behavior, why in Ms Internet Explorer i cannot reproduce this problem even in local zone?
Maybe different implementation? IMHO it's strange. Regards, Giovanni Delvecchio
This is not a vulnerability, it is expected behavior.Mozilla shares the same zone design as IE which means that a file from the local file zone can read any other file from the local file zone. You cannot use this approach to read a local file from another zone such as the Internet zone. From the Internet zone, you can also only read the content of files from the same zone, same protocol and same domain.I agree that Mozilla has implemented quite a lot of proprietary IE extensions which it should have not done, however reading the innerHTML of an element through document.all does not circumvent the traditional zone security checks already in place.Regards Thor Larholm Senior Security Researcher PivX Solutions 23 Corporate Plaza #280 Newport Beach, CA 92660 http://www.pivx.com thor () pivx com Stock symbol: (PIVX.OB) Phone: +1 (949) 231-8496 PGP: 0x4207AEE9 B5AB D1A4 D4FD 5731 89D6 20CD 5BDB 3D99 4207 AEE9 PivX defines a new genre in Desktop Security: Proactive Threat Mitigation. <http://www.pivx.com/qwikfix>
_________________________________________________________________ Scarica gratuitamente MSN Toolbar! http://toolbar.msn.it/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Disclosure of local file content in Mozilla Firefox and Opera Giovanni Delvecchio (Dec 06)
- Re: Disclosure of local file content in Mozilla Firefox and Opera Juergen Schmidt (Dec 06)
- <Possible follow-ups>
- RE: Disclosure of local file content in Mozilla Firefox and Opera Thor Larholm (Dec 06)
- RE: Disclosure of local file content in Mozilla Firefox and Opera Giovanni Delvecchio (Dec 06)