Security flaw, multiple browsers.

Here is a pretty rare item: a security flaw that affects multiple browsers, in fact nearly all the popular ones in use today.
The affected browsers are:

Internet Explorer
Pre 0.9 Firebird
Pre 1.6 Mozilla
Pre 7.51 Opera
Safari 1.2.2
Konqueror 3.1

The problem with this one, according to sapphire.net, occurs when you browse a secure web site and an untrusted web site in different browser windows at the same time.
Say, for example, your online banking and some shady site you found in an e-mail.

The untrusted site can inject content into the other (trusted) frameset, so in the case of your online banking, it would allow the untrusted one to replace the bank’s login screen with one of their own creation that would give them your details.

I tested this on my system, with both my installed browsers, Firefox 0.9 and IE6 (fully patched).
Firefox didn’t work; the problem was apparently fixed in 0.9, as it had no effect at all.
In IE6, however, it worked as advertised and I had a browser displaying Micro$oft’s MSDN site, with another site’s content displayed inside it.

You can read about the flaw at Secunia, and if you’re curious, you can try the demo yourself here; just follow the directions.

So, if you’re a Mozilla or Opera user, just get the latest version of your browser, and if you’re an IE user, get the latest update of Firefox, because the latest version of IE is still susceptible.
From what I have read, the newest builds of Konqueror have also dealt with the problem. Safari I don’t know about, as Apple is pretty close-mouthed on security stuff unless it suits them to speak up.

Having said all of that, this is not really that big a deal, as it would be very hard for a malicious individual to actually use, as it requires knowledge that they don’t have. For example, how would they know what trusted site you were at (if any)? And then they need to know the frame name of the trusted site running on your machine. Oh, and your trusted site needs to be using a frame layout, AND you have to have their page open at the time as well. So as you can see, while no flaw is good, and it’s good that most have already blocked this, it would be a pretty determined cracker that could actually benefit from this. Obviously the odds get a lot better for the cracker if he/she knows you well.
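
The check that decides whether one window may load content into a named frame of another is sketched below as an added example; it is not code from the original post or from any browser. It models the flawed behaviour described above next to a hardened rule. The site names, frame names and the exact rule (requester must share an origin with the target frame or one of its containing frames) are assumptions made for illustration.

```javascript
// Simplified model of cross-window named-frame targeting. Constructed data, not browser source.
const originOf = (url) => new URL(url).origin;

// Constructed sample: a framed site in one window, an unrelated page in another.
const bankTop = { name: "bank_top", url: "https://bank.example/", parent: null };
const bankLogin = { name: "login", url: "https://bank.example/login.html", parent: bankTop };
const otherTop = { name: "other_top", url: "https://untrusted.example/", parent: null };
const openFrames = [bankTop, bankLogin, otherTop];

// Behaviour the post reports: any page may target any frame whose name it knows.
function permissivePolicy(source, target) {
  return true;
}

// Hardened rule (assumed for this example): the requesting page must share an
// origin with the target frame or with one of the frames that contain it.
function ancestorPolicy(source, target) {
  for (let frame = target; frame !== null; frame = frame.parent) {
    if (originOf(frame.url) === originOf(source.url)) return true;
  }
  return false;
}

// Decide what happens when `source` asks to load `newUrl` into the frame `frameName`.
function requestNavigation(source, frameName, newUrl, policy) {
  const target = openFrames.find((f) => f.name === frameName);
  if (!target) return { allowed: false, reason: "no frame with that name" };
  if (!policy(source, target)) {
    return { allowed: false, reason: "requester is cross-origin to the frame and its parents" };
  }
  // The address bar still shows the top-level page, which is why the result is misleading.
  let top = target;
  while (top.parent !== null) top = top.parent;
  return { allowed: true, frameNowShows: originOf(newUrl), addressBarShows: originOf(top.url) };
}

const req = [otherTop, "login", "https://untrusted.example/form.html"];
console.log(requestNavigation(...req, permissivePolicy)); // flawed behaviour: allowed
console.log(requestNavigation(...req, ancestorPolicy));   // hardened rule: refused
console.log(requestNavigation(bankTop, "login", "https://bank.example/help.html", ancestorPolicy)); // the site's own use still works
```

Under the permissive rule the frame shows one origin while the address bar shows another, which is the mismatch a user cannot see; the hardened rule refuses the request without breaking the site's own frame navigation.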

regards

Franki
