Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: www.google.com xss vulnerability Using mhtml
From: Yigit Turgut <y.turgut () gmail com>
Date: Wed, 26 Jan 2011 15:17:32 +0200

I woudn't like to discourage ppl submitting vulns to vendors but this is the
response you'll most likely to get from those kind of vendors no matter what
you found in their system. I had more than a dozen similar experience like
yours. Now it's public + fixed and you gotta get nothing beside these
replies (:



Message: 10
Date: Wed, 26 Jan 2011 01:33:16 -0800
From: IEhrepus <5up3rh3i () gmail com>
Subject: [Full-disclosure] www.google.com xss vulnerability Using
       mhtml
To: full-disclosure () lists grok org uk
Cc: sird () rckc at
Message-ID:
       <AANLkTinF+XiCfVrw86cm-m0uHW_o0xzK1XfHFwTNR1PF () mail gmail 
com<AANLkTinF%2BXiCfVrw86cm-m0uHW_o0xzK1XfHFwTNR1PF () mail gmail com>

Content-Type: text/plain; charset=UTF-8

Long, long time ago, we heard an interesting legend is www.google.com
will Pay for its vulnerability,so we want to try ...

lucky,A vulnerability has been caught by my friend
PZ[http://hi.baidu.com/p__z], this vul is base on ?Hacking with mhtml
protocol handler?[
http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt
]:

mhtml:http://www.google.com/gwt/n?u=[mhtml file url]!xxxx

we are very happy,so we post it to security () google com for the legend
:)[2011/01/23].We got a reply soon [2011/01/24]:

---------------------------------------------------
Hi Pavel,

Nice catch! I?ve filed a bug internally and will keep you in the loop
as things progress.

Regards,
xxx- Google Security Team
--------------------------------------------------

but .....

-------------------------------------------------
Hi Pavel,

The panel has determined this doesn't qualify for a reward for 2 reasons:

1) A very close variant was publicly disclosed on 21 Jan:
http://www.wooyun.org/bugs/wooyun-2010-01199
2) Technically, it's not a bug in Google, it's really a big in IE.

Cheers,
xxx, Google Security Team
-----------------------------------------------

and Today we test the vul again ,it has been fixed .[2011/01/26]

Thus, we understand the unspoken rules of this, This is a football
game, the vulnerability is the ball , MS and GG are the players


----by superhei from http://www.80vul.com




hitest

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault