|
Multiple Browsers Frame Injection Vulnerability
|
|
Secunia Advisory:
|
SA11978
|
|
|
Release Date:
|
2004-07-01
|
|
Last Update:
|
2004-09-13
|
|
Popularity:
|
165,891 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Spoofing
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Camino 0.x
Internet Explorer 5.x for Mac
Konqueror 3.x
Mozilla 0.x
Mozilla 1.0
Mozilla 1.1
Mozilla 1.2
Mozilla 1.3
Mozilla 1.4
Mozilla 1.5
Mozilla 1.6
Mozilla Firefox 0.x
Netscape 6.x
Netscape 7.x
Opera 5.x
Opera 6.x
Opera 7.x
Safari 1.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2004-0717
CVE-2004-0718
CVE-2004-0719
CVE-2004-0720
CVE-2004-0721
|
|
Description:
A 6 year old vulnerability has been discovered in multiple browsers, allowing malicious people to spoof the content of websites.
The problem is that the browsers don't check if a target frame belongs to a website containing a malicious link, which therefore doesn't prevent one browser window from loading content in a named frame in another window.
Successful exploitation allows a malicious website to load arbitrary content in an arbitrary frame in another browser window owned by e.g. a trusted site.
Secunia has constructed a test, which can be used to check if your browser is affected by this issue:
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
The vulnerability has been confirmed in the following browsers:
* Opera 7.51 for Windows
* Opera 7.50 for Linux
* Mozilla 1.6 for Windows
* Mozilla 1.6 for Linux
* Mozilla Firebird 0.7 for Linux
* Mozilla Firefox 0.8 for Windows
* Netscape 7.1 for Windows
* Internet Explorer for Mac 5.2.3
* Safari 1.2.2
* Konqueror 3.1-15redhat
Other versions may also be affected.
The vulnerability also affects Internet Explorer:
SA11966
Solution:
Do not browse untrusted sites while browsing trusted sites.
The following browsers are not affected:
* Mozilla Firefox 0.9 and later
* Mozilla 1.7
* Opera 7.52
* Netscape 7.2
* Camino 0.8 (build 2004062308)
KDE has issued patches for Konqueror.
Patches for KDE 3.0.5b:
ftp://ftp.kde.org/pub/kde/security_patches/post-3.0.5b-kdelibs-htmlframes.patch
ftp://ftp.kde.org/pub/kde/security_patches/post-3.0.5b-kdebase-htmlframes.patch
Patches for KDE 3.1.5:
ftp://ftp.kde.org/pub/kde/security_patches/post-3.1.5-kdelibs-htmlframes.patch
ftp://ftp.kde.org/pub/kde/security_patches/post-3.1.5-kdebase-htmlframes.patch
Patches for KDE 3.2.3:
ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdelibs-htmlframes.patch
ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdebase-htmlframes.patch
Apple has issued a security update, which fixes the vulnerability in Safari.
http://secunia.com/advisories/12491/
Provided and/or discovered by:
Reported in Mozilla browser by:
Gary McKay
Changelog:
2004-07-02: Updated solution.
2004-07-07: Opera Software issues updated version (7.52), which fixes the vulnerability.
2004-07-27: Added CVE references.
2004-08-12: KDE issues fix for Konqueror.
2004-08-20: Added information about the Camino browser.
2004-09-13: Added information about Apple fix for Safari.
Original Advisory:
KDE:
http://www.kde.org/info/security/advisory-20040811-3.txt
Other References:
SA11966:
http://secunia.com/advisories/11966/
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
