Firefox, Opera Flaw Could Transfer User’s Web Content Elsewhere

A flaw has been detected in the code that Firefox and Opera use to handle BMP files. A specially created BMP file can exploit it to leak information, according to a computer science researcher at vexillium.org.

The flaw affects Firefox 2.0.0.11 and earlier versions of the browser, as well as the beta version of Opera 9.50. When the flaw is triggered, Firefox 2.0.0.11 might crash due to a heap boundary error, which means the browser can be crashed from a remote location.

According to Vexillium computer science researcher Gynvael Coldwind, the biggest problem in both browsers, Firefox and Opera, lies in how they handle a bitmap ('.BMP') image file, as reported by Macworld on February 18, 2008.

The BMP handling vulnerability is also present in other browsers such as Apple Safari. In that browser, however, there is no way to obtain the image content, so it does not pose much of a threat. Interestingly, Apple Safari suffers from a similar fault with some GIF files.

An attacker who creates a crafted bitmap file could also pull data from the browser's memory. In some instances the captured information could be random, while in others it could be valuable. The harvested information could be of different kinds, such as content from other sites, users' stored favorites and history, or other data.

The flaw, which is moderately severe, also involves file input controls, which create a way to upload arbitrary files, assuming attackers know the entire path and the file name.

In browsers that support it, an attacker can use the "canvas" Hypertext Markup Language (HTML) tag to seize the data and then use JavaScript to transfer that data to a remote server. The HTML 5 <canvas> tag can be employed to obtain the bitmap's pixel color data, which JavaScript then sends to the remote server.

In related news, Opera has objected to Mozilla's handling of the disclosure of the vulnerability, which affects both companies' browsers. Mozilla patched this vulnerability, along with other more severe flaws, in Firefox 2.0.0.12 on February 7, 2008.

» SPAMfighter News - 25-02-2008