Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Suggestion for Secure Browsing Tab

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI 2.0 Beta

This thread has been marked as locked.
SecurityFr3ak Suggestion for Secure Browsing Tab
Member 29th Oct, 2010 04:03
Ranking: 2
Posts: 4
User Since: 31st Aug, 2009
System Score: N/A
Location: US
I would like to suggest a modification to the Secure Browsing tab, specifically with regards to temporary work arounds to currently vulnerable browsers.

A current example: Adobe Vulnerability CVE-2010-3654:

"This vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system."

Now Reader, Acrobat and Flash are vulnerable to Malicious swf code being run from authplay.dll, and when I delete authplay.dll I would like to have PSI 2.0 Beta show these browsers display a different severity level to signify that they are now only severity 1 or 2 rather than severity 5 since I have mitigated the potential for remote control and reduced the risk to only a possible browser crash.

Is this possible, and would you consider this or a similar modification?

Thanks for all your hard work, btw, and I really love this product and the HUGE contributions your organization has made to the security community over the years.


--
"If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology."
--Bruce Schneier

E.Jeppesen RE: Suggestion for Secure Browsing Tab
Secunia Official 29th Oct, 2010 14:34
Score: 220
Posts: 618
User Since: 24th Nov 2008
System Score: N/A
Location: Copenhagen, DK
Thank you for your suggestion. Have you tried to delete the file that the PSI has detected? If you do that the program will no longer be detected, which will also affect the shown vulnerabilities in the Secure Browsing-tab.
SecurityFr3ak RE: Suggestion for Secure Browsing Tab
Member 2nd Nov, 2010 21:32
Score: 2
Posts: 4
User Since: 31st Aug 2009
System Score: N/A
Location: US
Thanks for your help, but I believe that the file that is detected is the main file to signify of the application/version:

Reader 9.0 == AcroRd32.exe (Windows)
Flash == Flash10k.ocx (I.E.)
Flash == NPSWF32.dll (Firefox, Chrome, Opera)

So, when I delete (or rename) these files the severity 5 alert goes away completely, as it should because the vulnerable program has been basically completely removed, as if I would have uninstalled the application completely.

I was just wondering if it would be possible to reduce the impact of the high severity vulnerabilities, with temporary work arounds and have some way to signify this in the Secure Browsing tab?

I understand that this is not easily done with an automated scanning tool, and most likely not possible. Just thought I would suggest this and if by some remote chance you thought it was possible, that maybe it could be added in a later version =)

Thanks for your help.

--
"If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology."
--Bruce Schneier
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability