Experts Find Two Vulnerabilities in Firefox
Firefox, the open source browser fails to prevent certain phishing sites and undesirable pop-ups. All Firefox versions including the current version 188.8.131.52 cannot recognize phishing URLs having additional slashes as directory separators such as in www.xyz.com///servvices. Such types of URLs can therefore get past the browser's phishing protection feature. They can also stimulate URLs belonging to the blacklist and inject a new surge of phishing attacks.
Securiteam, a site that raises security alerts said the flaw could let pages from Firefox's registry of recognized phishing sites to bypass its recognition software and appear legitimate to the surfer.
The presence of the flaw can allow an expert phisher to mislead the browser convincing that an illegitimate site is truly secure. All that the phisher needs to do is add some characters into the website's URL. The phishing flaw well works in current version 184.108.40.206 of Firefox. Securiteam appreciated the discovery of the flaw in a report presented by an independent researcher who names himself Kanedaa.
Firefox has another vulnerability in the default function of its built-in pop-up prevention tool. The browser prevents websites from accessing locally stored files, describes the official report. However, when a Firefox user turns off pop-up displays manually, it circumvents the URL permission check. This helps an attacker to exploit this flaw to steal files stored locally and personal information that might be present in those files.
Firefox version 220.127.116.11 is found to be vulnerable to this exploit. The exploit might also affect its other versions. The discoverer of this flaw Michal Zalewski said the exploit works partly when a user allows a blocked pop-up to run that bypasses normal URL permission checks. The permission checks would prevent distant sites from gaining access to a user's filespace.
The hack works when a malicious file having the exploit code is already on the system. The file could be installed on the system by luring a user to open a link in order to download the file. The malicious file would then allow access to different files that could be sent to a server of a remote source that misuses the data.
Related article: Experts Caution Against Bot Attacks on D-Link Routers
» SPAMfighter News - 22-02-2007