Full Disclosure: Re: Found a lot of sites exploiting Firefox URI vulnerability!!!

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Found a lot of sites exploiting Firefox URI vulnerability!!! - part 2

From: Daniel Veditz <dveditz () cruzio com>
Date: Mon, 13 Aug 2007 11:09:49 -0700

carl hardwick wrote:

Found a lof of sites exploiting Firefox URI vulnerability!!!


Maybe I'm getting to these sites after they've been cleaned up, or maybe
I'm just missing it, but what exactly are they exploiting and how? I don't
see anything that looks like the recent announced Firefox URI problems (no
firefoxurl: URIs, no %00 or double-quotes in URIs). One site did try to
download a probably-malicious "codec.exe", but that was a simple
"location=" trick that works on any browser (a save dialog came up).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Found a lot of sites exploiting Firefox URI vulnerability!!! - part 2 carl hardwick (Aug 13)
- Re: Found a lot of sites exploiting Firefox URI vulnerability!!! - part 2 Daniel Veditz (Aug 13)
- <Possible follow-ups>
- Found a lot of sites exploiting Firefox URI vulnerability!!! - part 2 carl hardwick (Aug 14)