Bug fixed in Firefox still present in Opera 9 and IE7
A vulnerability fixed in Firefox 2.0.0.2 and Thunderbird is, according to security specialist Stefan Esser, still present in Internet Explorer 7 and Opera 9. The vendors were informed of the problem last year; however according to Esser, Opera has not reacted to the bug report at all. Microsoft did respond, with the accusation, however, that Esser had already gone public with the bug, and they would have liked to have been informed in advance. Esser has heard nothing from Microsoft since.
In comparison with the other seven vulnerabilities fixed at the weekend, the XSS vulnerability is not particularly critical. It merely makes it easier to slip past JavaScript filters intended to prevent cross-site scripting (XSS) attacks. However, XSS is becoming a real plague, affecting many web pages and browsers, so that minimising such bugs in all products is desirable.
The problem discovered by Esser lies in the way browsers deal with web pages if the page's character encoding is not defined. Thus it is apparently possible to infiltrate cross-site scripting code coded as UTF-7 (Unicode Transformation Format-7) into a web page, for example as a comment to a blog entry, which when subsequently called in an IFrame is executed in the context of the page from which it is called.
According to the security advisory, the vulnerability is not present in Opera 8 or Internet Explorer 6.
- Multiple Browsers Cross Domain Charset Inheritance Vulnerability, advisory from Stefan Esser
- Improvements to help protect against Cross-Site Scripting attacks, security advisory from the Mozilla Foundation
(ehe)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
