Comments on: Internet Explorer 0day Exploit http://larholm.com/2007/07/10/internet-explorer-0day-exploit/ Me, myself and I Thu, 07 Aug 2008 19:55:42 +0000 http://wordpress.org/?v=2.5.1 By: Techzi » Blog Archive » New URI browser flaws worse than first thought http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1715 Techzi » Blog Archive » New URI browser flaws worse than first thought Wed, 15 Aug 2007 20:12:30 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1715 [...] bugs have become a hot topic over the past month ever since researcher Thor Larholm showed how a browser could be tricked into sending malformed data to Firefox using this technology. This bug allowed an attacker to run unauthorized software on a [...] [...] bugs have become a hot topic over the past month ever since researcher Thor Larholm showed how a browser could be tricked into sending malformed data to Firefox using this technology. This bug allowed an attacker to run unauthorized software on a [...]

]]> By: New URI browser flaws worse than first thought http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1714 New URI browser flaws worse than first thought Wed, 15 Aug 2007 20:00:57 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1714 [...] bugs have become a hot topic over the past month ever since researcher Thor Larholm showed how a browser could be tricked into sending malformed data to Firefox using this technology. This bug allowed an attacker to run unauthorized software on a [...] [...] bugs have become a hot topic over the past month ever since researcher Thor Larholm showed how a browser could be tricked into sending malformed data to Firefox using this technology. This bug allowed an attacker to run unauthorized software on a [...]

]]> By: Official Blog for Goviphosting.com » Mozilla rushes out second Firefox patch this month http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1353 Official Blog for Goviphosting.com » Mozilla rushes out second Firefox patch this month Wed, 01 Aug 2007 17:21:23 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1353 [...] in the month security researcher Thor Larholm showed how to exploit this type of problem in order to make Internet Explorer and Firefox jointly launch [...] [...] in the month security researcher Thor Larholm showed how to exploit this type of problem in order to make Internet Explorer and Firefox jointly launch [...]

]]> By: Thor Larholm http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1347 Thor Larholm Wed, 01 Aug 2007 13:08:04 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1347 Alain, the link in comment #91 only deals with how Internet Explorer passes on the URI component. Internet Explorer will by design pass the unescaped URI to the protocol handler. As Microsoft has stated several times, this is not a behavior that they intend to change, despite the new IE7 URI flaws. Regards Thor Larholm Alain, the link in comment #91 only deals with how Internet Explorer passes on the URI component.

Internet Explorer will by design pass the unescaped URI to the protocol handler. As Microsoft has stated several times, this is not a behavior that they intend to change, despite the new IE7 URI flaws.

Regards
Thor Larholm

]]> By: Alain Saint-Etienne http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1342 Alain Saint-Etienne Wed, 01 Aug 2007 10:49:01 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1342 Mozilla foundation has published yesterday a new version of Firefox, v2.0.0.6, that is supposed to fix the vulnerability (comments #93, #94) : - http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.6 - http://www.mozilla.org/security/announce/2007/mfsa2007-27.html But is this fix enough, if -- as stated in comment #95 -- the Windows component that handles protocol handlers still unescapes the URI that Firefox now escapes ? Mozilla foundation has published yesterday a new version of Firefox, v2.0.0.6, that is supposed to fix the vulnerability (comments #93, #94) :
- http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.6
- http://www.mozilla.org/security/announce/2007/mfsa2007-27.html

But is this fix enough, if — as stated in comment #95 — the Windows component that handles protocol handlers still unescapes the URI that Firefox now escapes ?

]]> By: Mozilla Rushes Out Another Firefox Patch « TechTitans™ http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1308 Mozilla Rushes Out Another Firefox Patch « TechTitans™ Tue, 31 Jul 2007 13:33:23 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1308 [...] in the month security researcher Thor Larholm showed how to exploit this type of problem in order to make Internet Explorer and Firefox jointly launch [...] [...] in the month security researcher Thor Larholm showed how to exploit this type of problem in order to make Internet Explorer and Firefox jointly launch [...]

]]> By: Mozilla rushes out second Firefox patch this month http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1307 Mozilla rushes out second Firefox patch this month Tue, 31 Jul 2007 11:53:35 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1307 [...] in the month security researcher Thor Larholm showed how to exploit this type of problem in order to make Internet Explorer and Firefox jointly launch [...] [...] in the month security researcher Thor Larholm showed how to exploit this type of problem in order to make Internet Explorer and Firefox jointly launch [...]

]]> By: U R Insecure - how URI exploits are changing the webappsec landscape | GNUCITIZEN http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1168 U R Insecure - how URI exploits are changing the webappsec landscape | GNUCITIZEN Fri, 27 Jul 2007 15:01:41 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1168 [...] http://larholm.com/2007/07/10/internet-explorer-0day-exploit/ [...] [...] http://larholm.com/2007/07/10/internet-explorer-0day-exploit/ [...]

]]> By: Mozilla flaw attack code published « TechTitans™ http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1129 Mozilla flaw attack code published « TechTitans™ Thu, 26 Jul 2007 15:21:47 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1129 [...] URL handler has been a headache for Mozilla ever since security researcher Thor Larholm showed that the way IE (Internet Explorer) and Firefox interact with each other could be exploited to [...] [...] URL handler has been a headache for Mozilla ever since security researcher Thor Larholm showed that the way IE (Internet Explorer) and Firefox interact with each other could be exploited to [...]

]]> By: B?ad w Firefox, nieprawid?owe filtrowanie wyra?e? w linkach. | tPython http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1122 B?ad w Firefox, nieprawid?owe filtrowanie wyra?e? w linkach. | tPython Thu, 26 Jul 2007 14:09:59 +0000 http://larholm.com/2007/07/10/internet-explorer-0day-exploit/#comment-1122 [...] przy pomocy IE polega? na utworzeniu odpowiednio spreparowanego odno?nika, którego naci?ni?cie powodowa?o uruchomienie Firefoxa wraz dodatkowymi atrybutami [...] [...] przy pomocy IE polega? na utworzeniu odpowiednio spreparowanego odno?nika, którego naci?ni?cie powodowa?o uruchomienie Firefoxa wraz dodatkowymi atrybutami [...]

]]>