"Roy Schestowitz" <newsgroups@xxxxxxxxxxxxxxx> wrote
> New IE& later this year. Everyone is gradually moving to Firefox anyway (at the
> expense of IE). The browser wars is a sign of things to come as far as OSes go.
http://www.theregister.co.uk/2007/11/12/jar_vuln/
Firefox broken Jar vuln. menaces Gmail
Jar Jar links peril
By John Leyden
Published Monday 12th November 2007 16:45 GMT
Security watchers are concerned that a protocol handling flaw in Firefox
could have implications for the security of data held within Google and,
possibly, other web applications.
The flaw, involving the handling of the "jar:" protocol by Firefox, gives
rise to cross-site scripting attacks. No patch is available, though there
are a number of workarounds (such as blocking URIs that contain "jar:" using
a reverse proxy or application firewall). For home users, Secunia advises
users to avoid following untrusted "jar:" links or visiting untrusted
websites.
The jar: protocol is used to extract and render content from ZIP compressed
files. Unfortunately the "jar:" protocol handler in Firefox does not
validate the MIME type of the contents of an archive, which are then
executed in the context of the site hosting the archive.
The trick might be used to conduct cross-site scripting attacks on sites
that allow a user to upload certain files, such as .zip or .png.
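
A server-side check in the spirit of the workarounds the article lists, as an added example that is not part of the quoted article: it flags request URIs that contain "jar:" after percent-decoding, and, going one step beyond the article, flags uploads that open as a ZIP archive whatever their file extension says. The function names and the sample bytes are constructed for illustration.

```python
import io
import zipfile
from urllib.parse import unquote

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"


def uri_mentions_jar(uri: str) -> bool:
    """True if the URI contains the jar: scheme once percent-encoding is removed."""
    decoded = uri
    for _ in range(3):  # unwrap a few layers of nested percent-encoding
        unwrapped = unquote(decoded)
        if unwrapped == decoded:
            break
        decoded = unwrapped
    # Coarse substring match: a reverse-proxy style filter, so false positives are possible.
    return "jar:" in decoded.lower()


def upload_hides_zip(data: bytes) -> bool:
    """True if the bytes can be read as a ZIP archive.

    ZIP readers locate the archive from the end of the file, so image bytes
    followed by a ZIP still parse as an archive; the leading magic number and
    the file extension say nothing about what an archive reader will find.
    """
    return zipfile.is_zipfile(io.BytesIO(data))


def _sample_zip() -> bytes:
    """Constructed sample archive holding one harmless HTML file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("page.html", "<p>constructed sample</p>")
    return buf.getvalue()


# Constructed inputs: a stand-in for image bytes (not a real image), and the
# same bytes with a ZIP archive appended.
CLEAN_PNG = PNG_MAGIC + b"\x00" * 64
PNG_WITH_ZIP = CLEAN_PNG + _sample_zip()

if __name__ == "__main__":
    for name, blob in (("clean.png", CLEAN_PNG), ("combined.png", PNG_WITH_ZIP)):
        print(name, "-> reject" if upload_hides_zip(blob) else "-> accept")
    for uri in ("/images/a.png", "/go?u=JAR%3Ahttps://example.test/a.png"):
        print(uri, "-> block" if uri_mentions_jar(uri) else "-> pass")
```

An upload handler would call `upload_hides_zip` on any file type that is not supposed to be an archive and reject the file when it returns true.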