Flaw finder warns of IE 7 phishing hole

Discussion in 'Forum for discussion of ANTICHAT' started by Dracula4ever, 20 Mar 2007.

  1. Dracula4ever

    Dracula4ever Elder - Старейшина

    8 May 2006
    Likes Received:
    An Israeli security researcher demonstrated on Wednesday an attack that uses a flaw in the way Microsoft's latest Web browser handles canceled pages that could help phishers fool their victims.

    The attack uses the reliance of Internet Explorer 7 on a special local resource to display a message when a user cancels navigating to a requested Web page, said Aviv Raff, a security researcher and software developer based in Israel. A phisher could exploit the issue by using a script to create a specially-crafted version of the local navcancl.htm page to show content that appears to be from a trusted site. When a victim opens up a link provided by an attacker, the "Navigation Canceled" page will be displayed, and the victim will likely believe that some error prevented the site from working and thus refresh the page, Raff said.

    "The attacker’s provided content--e.g. fake login page--will be displayed and the victim will think that he’s within the trusted site, because the address bar shows the trusted site’s URL," Raff stated on his blog.

    The issue belongs to the most numerous class of vulnerabilities: cross-site scripting (XSS) (corrected). Such issues have become the No. 1 type of flaw found in software, according to data from the Common Vulnerability and Exposures (CVE) project. While many XSS flaws, at worst, make it more difficult for a user to discern phishing attacks, a number of such vulnerabilities can lead to serious security problems, as attested by a serious data-leak vulnerability in Google Desktop fixed earlier this year.

    Raff contributed a similar class of vulnerability in QuickTime--known as a cross-zone scripting flaw --during the Month of Apple Bugs (MoAB) project in January.

    Microsoft researchers are currently investigating the issue but have seen no evidence that the alleged flaw is currently being used maliciously, the software giant said in a statement sent to SecurityFocus. The company also spelled out its policy that flaws should be directly reported to the software maker.

    "Microsoft continues to encourage responsible disclosure of vulnerabilities to minimize risk to computer users," the company stated. "Microsoft supports the commonly accepted practice of reporting vulnerabilities directly to a vendor, which serves everyone's best interests."

    The issue affects Internet Explorer 7 running on both Windows XP and Windows Vista, according to researcher Raff.

    2 people like this.
  2. bxN5

    bxN5 Elder - Старейшина

    8 Jan 2006
    Likes Received:
    it's an old soft:) Take +
    #2 bxN5, 21 Mar 2007
    Last edited by a moderator: 24 Mar 2007