|
|
|
Vulnerability Note VU#405092Mozilla products allows the src attribute in an img element to be changed to a JavaScript URIOverviewMozilla products contain a cross-site scripting vulnerability due to a vulnerability in the way IMG elements are loaded.I. DescriptionA vulnerability in the way Mozilla products load IMG elements in a frame may cause a cross-site script injection. According to Mozilla Foundation Security Advisory 2006-72:... the src attribute of an IMG element loaded in a frame could be changed to a javascript: URI that was able to bypass the protections against cross-site script (XSS) injection. The injected script could steal credentials and financial data, or perform destructive actions on behalf of a logged-in user. II. ImpactBy convincing a victim to view an HTML document (web page), an attacker could evaluate script in a different security domain than the one containing the attacker's document. The attacker could read or modify data in other web sites (read cookies/content, modify/create content, etc.). If the script is evaluated with chrome privileges, an attacker could execute arbitrary commands on the user's system.III. SolutionApply an updateAccording to the Mozilla Foundation Security Advisory 2006-72, this vulnerability is addressed in Firefox 2.0.0.1, Firefox 1.5.0.9, Thunderbird 1.5.0.9, and SeaMonkey 1.0.7.
References
This vulnerability was reported in Mozilla Foundation Security Advisory 2006-72. Mozilla credits moz_bug_r_a4 with providing information about this issue. This document was written by Chris Taschner.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Get Adobe Reader