Closed
Bug 229013
Opened 21 years ago
Closed 21 years ago
URL Spoofing Vulnerability
Categories
(Firefox :: General, defect)
Tracking
()
VERIFIED
DUPLICATE
of bug 228176
People
(Reporter: gtombros, Assigned: bugzilla)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031028 Firebird/0.6.1 StumbleUpon/1.8
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031028 Firebird/0.6.1 StumbleUpon/1.8

Firebird has the same URL spoofing vulnerability as IE 6.0. This URL can be used to test the vulnerability by spoofing a PayPal site and Windows Update Site: http://security.openwares.org/

Reproducible: Always

Steps to Reproduce:
1. Go to http://security.openwares.org/
2. Press on either TEST EXPLOIT link button to see the spoofed page
3.

Actual Results: A spoofed page appears
Expected Results: Not show the spoofed page
Comment 1•21 years ago
I see "http://www.paypal.com%01@security.openwares.org/Paypal.htm" in my URL bar. That URL is extremely misleading ("www.paypal.com%01" is a password rather than a hostname), but it is a valid URL (except maybe for the %01). In IE you would only see "http://www.paypal.com".
Summary: URL Spoofing Vulnerability → URL Spoofing Vulnerability
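The URL quoted in Comment 1 can be checked mechanically. The following is an added example, not part of the bug thread or of Mozilla's code: it uses the standard WHATWG `URL` parser to separate the userinfo part from the real host and flags the misleading pattern. The function names, reason labels and heuristics are assumptions made for illustration.

```javascript
// Added example: flag URLs whose userinfo part could be mistaken for the host.
// inspectUrl, displayUrl and the reason labels are hypothetical names.

// Percent-encoded C0 control byte or DEL (%00-%1F, %7F) inside userinfo.
const ENCODED_CONTROL = /%(?:[01][0-9a-f]|7f)/i;
// Userinfo that itself looks like a DNS name, e.g. "www.paypal.com".
const LOOKS_LIKE_HOST = /^(?:[a-z0-9-]+\.)+[a-z]{2,}$/i;

function inspectUrl(raw) {
  let url;
  try {
    url = new URL(raw); // everything before "@" in the authority is userinfo
  } catch {
    return { valid: false, host: null, userinfo: null, reasons: ["unparseable"] };
  }
  const userinfo = url.password ? `${url.username}:${url.password}` : url.username;
  const reasons = [];
  if (userinfo !== "") {
    reasons.push("has-userinfo");
    if (ENCODED_CONTROL.test(userinfo)) reasons.push("control-char-in-userinfo");
    // Drop encoded bytes first so "www.paypal.com%01" is tested as "www.paypal.com".
    const visible = url.username.replace(/%[0-9a-f]{2}/gi, "");
    if (LOOKS_LIKE_HOST.test(visible) && visible.toLowerCase() !== url.hostname) {
      reasons.push("userinfo-resembles-other-host");
    }
  }
  return { valid: true, host: url.hostname, userinfo, reasons };
}

// Form suitable for an address bar or log line: userinfo removed, real origin only.
function displayUrl(raw) {
  const url = new URL(raw);
  url.username = "";
  url.password = "";
  return url.href;
}

// The first sample is the URL from Comment 1; the other two are constructed.
const samples = [
  "http://www.paypal.com%01@security.openwares.org/Paypal.htm",
  "https://alice@example.org/",
  "https://example.org/path",
];
for (const s of samples) {
  console.log(displayUrl(s), JSON.stringify(inspectUrl(s).reasons));
}
```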
Comment 2•21 years ago
Also do not install that 3rd-party patch for IE from that site, it introduces a memory leak and contains a buffer overflow in WideCharToMultiByte() which opens a remote vulnerability.
Comment 3•21 years ago
*** This bug has been marked as a duplicate of 228176 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
An unsuspecting user can be tricked into downloading files whose origin appears to be a trusted site, when they are in fact malicious code or links to dubious sites. This can facilitate attacks based on a false sense of trust. The following code is published as a proof of concept:

    <h1>Firefox 1.01 : spoofing status bar without using JavaScript</h1>
    <p>Save the New Features about Firefox 1.02 ( PDF 20K )</p>
    <p>Right Click and Save Link as ...</p>
    <div>
      <a href="http://www.mozilla.org/features_ff102.pdf">
        <table><tr><td>
          <a href="http://www.tpc.org/tpch/spec/tpch2.1.0.pdf">
            download : http://www.mozilla.org/features_ff102.pdf
          </a><!-- first -->
        </td></tr></table>
      </a><!-- second -->
    </div>

In the example, if the user accepts the suggestion to save the link with the right mouse button, a file would be downloaded from the site "www.tpc.org" while the victim would believe they were downloading it from "www.mozilla.org".