following is true for 1.7.5 and below.
ff 1.0 AND tb 1.0 are based on 1.7.5 so they're affected, too
watch out before downloading or use the ff and tb versions with the date in their name.
mozilla 1.8x should be safe.
CRITICAL:
Not critical
IMPACT:
Spoofing
WHERE:
From remote
Description:
bitlance winter has discovered a weakness in Mozilla, which can be exploited by malicious people to trick users into saving malicious files by obfuscating URLs.
The status bar cannot be manipulated via script code in the default settings. However, it is still possible to display an incorrect URL in the status bar when hovering the mouse over a link, right clicking, and choosing "Save Link Target As...".
This can be exploited by including a nested link in a table inside a link.
The weakness is related to:
SA13015
Example:
<a href="[TRUSTED_URL]">
<table><tr><td>
<a href="[MALICIOUS_URL]">download
</a>
</td></tr></table>
</a>
The weakness has been confirmed in version 1.7.5. Other versions may also be affected.
Solution:
Never save files via untrusted sources.
Provided and/or discovered by:
bitlance winter
Login
Register
FAQ
Search
