OSVDB ID: 17397

Title: Multiple Browser Javascript Dialog Origin Spoofing

Dates

Disclosure: Jun 21, 2005
Discovery: May 24, 2005
Exploit: Jun 21, 2005
Solution: Unknown

Description

Multiple web browsers contain a JavaScript flaw that may lead to unauthorized password exposure or other information disclosure. A malicious web site can open a dialog box in front of a window displaying a trusted web site. The dialog box may appear to come from the trusted web site, prompting users to enter passwords or other sensitive information, which may lead to a loss of confidentiality.

Classification

Location: Remote/Network Access Required
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to iCab 3.0 or higher, or Opera 8.01 or higher, as these versions have been reported to fix this vulnerability. Future versions of other affected products may also fix this vulnerability. Check with your browser vendor for the latest updates. Microsoft has issued a statement that this is standard web browser behaviour and will not be fixed. It may also be possible to avoid the flaw by taking care not to browse untrusted web sites while also browsing trusted sites.

Products

Apple Computer, Inc.
  • Safari: 1.x, 2.0

iCab
  • iCab: 2.x

Opera Software
  • Opera: 7.x, 8.0

Mozilla Organization
  • Camino: 0.8.4
  • Mozilla: 1.7.8
  • Firefox: 0.x, 1.0.4, 1.0.3, 1.0.2, 1.0.1

Microsoft Corporation
  • Internet Explorer: 6.0 SP1, 6.0
  • Internet Explorer for Mac: 5
  • MSN Explorer: 7.2.10.1600

KDE Project
  • Konqueror: 3.4.0

GNOME Project
  • Epiphany: 1.6.0

Avant Force
  • Avant Browser: 10.0 build 168

Stilesoft Inc.
  • NetCaptor: 7.5.4.1429

FlashPeak
  • Slim Browser: 4.05 Build 007

Amazing Software Products
  • Advanced Browser: 8.0.2.107

Omnibrowser
  • Omnibrowser: 2.00

Wang Chunshan
  • MyInternet: 10.0.0.0

Fastbrowser.net
  • Fast Browser Pro: 8.1

Revopoint
  • 27 Tools-in-1 Wichio Browser: 4.2

Optimal Access Inc.
  • Optimal Desktop: 4.00 Build 154

AcooBrowser.com
  • Acoo Browser: 1.17 build 283

NetLeaf Limited
  • NotJustBrowsing (EPV): 1.0.4

Stanly Xu
  • GoSuRF Browser: 2.54 build version 2.5.504.6101

AMBrowser.com
  • AM Browser: 2.0.0

CrazyBrowser.com
  • Crazy Browser: 2.0.0

Capital Intellect, Inc.
  • Secure IE 2004 Professional: 2004.3.1286

SoftInform
  • FineBrowser Professional: 3.2.12
  • iNetAdviser Professional: 4.4.07

VNCom LLC
  • E2 Browser: 2.0 Build 900

Hewlett-Packard Development Company, L.P.
  • OpenVMS Secure Web Browser: 1.7.8

References

Credit

  • Jakob Balle - jb@secunia.com - Secunia Research


Direct URL: http://osvdb.org/36218