Multiple vendor Web browsers inactive tab dialog spoofing
web-browser-dialog-spoofing (17788)
Description:
Multiple vendor Web browsers could allow a remote attacker to spoof a dialog box. A remote attacker could create a specially crafted Web page that causes an inactive tab (a tab that is open but not currently selected in the window) to launch a dialog box that appears to come from a trusted source, such as the site open in the active tab. Once the victim opens the malicious link in a new tab, this vulnerability could be used to obtain sensitive information from unsuspecting users. An attacker could exploit this vulnerability by hosting the malicious Web page on a Web site or sending it to a victim as an HTML email.
Affected Web browsers include Mozilla, Firefox, Camino, Safari, Opera, Konqueror, KDE, Netscape, NetCaptor, Slim Browser, Avant Browser, Maxthon, Epiphany, Galeon and OmniWeb.
Platforms Affected:
- Apple, Mac OS X 10.2.8
- Apple, Mac OS X 10.3.6
- Apple, Mac OS X Server 10.2.8
- Apple, Mac OS X Server 10.3.6
- Apple, Safari 1.2.3
- Avant Browser, Avant Browser 10.0 build 029
- Avant Browser, Avant Browser 9.02 build 101
- Canonical, Ubuntu 4.10
- Canonical, Ubuntu 5.04
- Galeon, Galeon 1.3.18
- GNOME, Epiphany 1.4.4
- KDE, KDE prior to 3.0.5
- KDE, Konqueror 3.2.2-6
- Mozilla, Camino 0.8
- Mozilla, Firefox 0.10.1
- Mozilla, Mozilla 1.7.3
- Mysoft Technology, Maxthon 1.1.039
- Netscape, Navigator 7.2
- Omni Group, OmniWeb 5.0.1
- Opera, Opera 7.54
- Stilesoft, NetCaptor 7.5.2
Remedy:
For Opera:
Upgrade to the latest version (7.60 or later), when it becomes available from the Opera Web site. See References.
For KDE:
Upgrade to the latest version of KDE (3.3.1 or later), available from the KDE Web site. See References.
For Ubuntu Linux:
Refer to USN-155-2 and USN-155-3 for patch, upgrade, or workaround information. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
Consequences:
Obtain Information
References:
- AppleCare Knowledge Base Document 61798, Security Update 2004-12-02 at http://docs.info.apple.com/article.html?artnum=61798.
- Full-Disclosure Mailing List, Wed Oct 20 2004 - 08:01:31 CDT, Secunia Research: Multiple Browsers Tabbed Browsing Vulnerabilities at http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0750.html.
- KDE Web site, KDE Homepage at http://www.kde.org//.
- Opera Web site, Opera Web Browser at http://www.opera.com/.
- BID-11469: Apple Safari Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11470: Maxthon Web Browser Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11472: Avant Browser Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11473: Mozilla Browser Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11475: Opera Web Browser Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11477: Konqueror Browser Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11519: NetCaptor Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11531: ICab Web Browser Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11532: Slim Browser Cross-Domain Dialog Box Spoofing Vulnerability
- BID-11544: Omni Group OmniWeb Browser Cross-Domain Dialog Box Spoofing Vulnerability
- CVE-2004-1122: Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the Dialog Box Spoofing Vulnerability
- SA12892: Safari Dialog Box Spoofing Vulnerability
Reported:
Oct 20, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
