1. Multiple Browser URI Handlers Command Injection Vulnerabilities
Remote: Yes
Summary: Multiple browsers are prone to vulnerabilities that let attackers inject commands through various protocol handlers.
Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through processes such as 'cmd.exe' by employing various URI handlers.
An attacker can exploit these issues to carry out various attacks by executing arbitrary commands on a vulnerable computer.
Exploiting these issues would permit remote attackers to influence command options that can be called through protocol handlers and to execute commands with the privileges of a user running the application. Successful attacks may result in a variety of consequences, including remote unauthorized access.
Mozilla Firefox 2.0.0.5, 3.0a6 and Netscape Navigator 9 are reported vulnerable to these issues. Other versions of these browsers and other vendors' browsers may also be affected.
more
2. Multiple Web Browsers Digest Authentication HTTP Response Splitting Vulnerability
Remote: Yes
Summary: Multiple browsers are prone to an HTTP-response-splitting vulnerability because the software fails to properly sanitize user-supplied input.
A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust.
This issue affects Microsoft Internet Explorer 7.0.5730.11 and Mozilla Firefox 2.0.0.3; other versions and browsers may also be affected.
more
3. Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability
Remote: Yes
Summary: Multiple web browsers are prone to a JavaScript key-filtering vulnerability because the browsers fail to securely handle keystroke input from users.
This issue is demonstrated to allow attackers to divert keystrokes from one input form in a webpage to a hidden file-upload dialog in the same page. This may allow remote attackers to initiate file uploads from unsuspecting users. Other attacks may also be possible.
Exploiting this issue requires that users manually type the full path of files that attackers wish to download. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input to exploit this issue.
Reportedly, Mozilla Suite, Mozilla Firefox, Mozilla SeaMonkey, Netscape Navigator, and Microsoft Internet Explorer are all vulnerable to this issue.
more
4. Mozilla Firefox OnKeyDown Event File Upload Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to an information-disclosure vulnerability that can allow an attacker to access sensitive files.
This issue stems from a design error resulting from the improper handling of form fields.
All versions of Firefox are considered vulnerable.
more
5. Mozilla Firefox OnUnload Javascript Browser Entrapment Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a vulnerability that allows attackers to trap users at a particular webpage and spoof page transitions.
Attackers may exploit this via a malicious page to spoof the contents and origin of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing.
more
6. Mozilla Firefox WYCIWYG:// URI Cache Zone Bypass Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a cache-zone-bypass vulnerability because the application fails to properly block remote access to special internally generated URIs containing cached data.
Exploiting this issue allows remote attackers to access potentially sensitive information and to place markers with similar functionality to cookies onto targeted users' computers, regardless of cookie security settings. Information harvested in successful exploits may aid in further attacks.
Attackers may also potentially exploit this issue to perform cache-poisoning or URL-spoofing attacks.
more
7. Mozilla Firefox 2.0.0.7 Multiple Remote Vulnerabilities
Remote: Yes
Summary: The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox 2.0.0.7 and prior versions.
These vulnerabilities allow attackers to:
- Execute arbitrary code due to memory corruption.
- Carry out content spoofing and phishing attacks.
- Gain unauthorized access to files on a user's computer running the Linux operating system.
- Execute script code with elevated privileges.
Other attacks may also be possible.
These issues are present in Firefox 2.0.0.7 and prior versions. Mozilla Thunderbird 2.0.0.7 and prior versions as well as SeaMonkey 1.1.4 and prior versions are also affected by many of these vulnerabilities.
more
8. Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
Remote: Yes
Summary: Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a vulnerability that allows JavaScript to execute with unintended privileges.
A malicious site may be able to cause the execution of a script with Chrome privileges. Attackers could exploit this issue to execute hostile script code with privileges that exceed those that were intended. Certain Firefox extensions may not intend 'about:blank' to execute script code with Chrome privileges.
NOTE: This issue was introduced by the fix for MFSA 2007-20.
more
9. Mozilla Firefox 2.0.0.4 Multiple Remote Vulnerabilities
Remote: Yes
Summary: The Mozilla Foundation has released four security advisories specifying multiple vulnerabilities in Firefox 2.0.0.4.
These vulnerabilities allow attackers to:
- Execute arbitrary code
- Execute code with chrome privileges
- Perform cross-site scripting attacks
- Crash Firefox in a myriad of ways, with evidence of memory corruption.
Other attacks may also be possible.
more
10. Mozilla Firefox URLBar Null Byte File Remote Code Execution Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a remote code-execution vulnerability because it fails to adequately sanitize user-supplied input.
Attackers may exploit this issue by enticing victims into visiting a malicious site and followings links with improper file extensions.
Successful exploits may allow an attacker to crash the application or execute arbitrary code in the context of the affected application. Other attacks are also possible.
more
11. Mozilla Firefox About:Blank IFrame Cross Domain Information Disclosure Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to a cross-domain information-disclosure vulnerability because scripts may persist across navigations.
A malicious site may be able to modify the iframe of a site in an arbitrary external domain. Attackers could exploit this to gain access to sensitive information that is associated with the external domain. Other attacks are also possible, such as executing script code in other browser security zones.
This issue is being tracked by Bugzilla Bug 382686 and is reportedly related to Bug 343168.
Firefox 2.0.0.4 and prior versions are vulnerable.
more
12. Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection Vulnerability
Remote: Yes
Summary: Microsoft Internet Explorer, Mozilla Firefox and Netscape Navigator are prone to a vulnerability that lets attackers inject commands through the 'firefoxurl' and 'navigatorurl' protocol handlers.
Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through the 'firefox.exe' and 'navigator.exe' processes by employing the 'firefoxurl' and 'navigatorurl' handlers.
An attacker can also employ these issues to carry out cross-browser scripting attacks by using the '-chrome' argument. This can allow the attacker to run JavaScript code with the privileges of trusted Chrome context and gain full access to Firefox and Netscape Navigator's resources.
Exploiting these issues would permit remote attackers to influence command options that can be called through the 'firefoxurl' and 'navigatorurl' handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in a variety of consequences, including remote unauthorized access.
more
13. Mozilla Firefox 2.0.0.6 Unspecified Protocol Handling Command Injection Vulnerability
Remote: Yes
Summary: Mozilla Firefox is prone to an unspecified vulnerability that lets remote attackers inject commands through the 'mailto', 'nntp', 'news', and 'snews' protocol handlers.
Remote attackers may influence command options that can be called through the various handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in various consequences, including remote unauthorized access.
more
source
No comments:
Post a Comment