Bug fixed in Firefox still present in Opera 9 and IE7
A vulnerability fixed in current releases of Firefox and Thunderbird is, according to security specialist Stefan Esser, still present in Internet Explorer 7 and Opera 9. The vendors were informed of the problem last year; however, according to Esser, Opera has not reacted to the bug report at all. Microsoft did respond, but only to complain that Esser had already gone public with the bug and that it would have liked to be informed in advance. Esser has heard nothing from Microsoft since.
The problem discovered by Esser lies in the way browsers handle web pages whose character encoding is not declared. Cross-site scripting code encoded as UTF-7 (Unicode Transformation Format-7) can apparently be planted in such a page, for example as a comment on a blog entry, without tripping filters that look for the usual HTML metacharacters. When the page is subsequently loaded in an IFrame, it inherits the character set declared by the framing page; if that is UTF-7, the comment is decoded into script and executed in the context of the vulnerable page.
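The following Node.js script is an added example, not code from the article or from Esser's advisory. It shows why the attack works: a UTF-7 encoder turns a script tag into a string with no angle brackets, so a naive server-side filter lets it through, while a UTF-7 decoder (standing in for a browser that has inherited a UTF-7 charset) recovers the original markup. The last function shows the server-side countermeasure the vulnerability class points to: always declaring a charset in the Content-Type header so there is nothing for a framing page to override. All function names are hypothetical and the payload is constructed for the demonstration.

```javascript
// Added example (not from the original article): UTF-7 encoding as an XSS
// filter bypass, plus the charset declaration that removes the ambiguity.
// Requires Node.js for Buffer; no third-party modules.

// RFC 2152 "Set D" characters plus whitespace are written directly; everything
// else (including '<' and '>') is emitted as "+<modified base64 of UTF-16BE>-".
const DIRECT = /^[A-Za-z0-9'(),\-./:? \t\r\n]$/;

function utf7Encode(str) {
  let out = '';
  let i = 0;
  while (i < str.length) {
    const ch = str[i];
    if (ch === '+') { out += '+-'; i++; continue; }        // literal plus
    if (DIRECT.test(ch)) { out += ch; i++; continue; }     // passthrough
    // Collect a run of characters that need base64 and encode them together.
    const bytes = [];
    while (i < str.length && str[i] !== '+' && !DIRECT.test(str[i])) {
      const cu = str.charCodeAt(i);                        // UTF-16 code unit
      bytes.push(cu >> 8, cu & 0xff);                      // big-endian
      i++;
    }
    // Modified base64: no '=' padding; always close the shift with '-'.
    out += '+' + Buffer.from(bytes).toString('base64').replace(/=+$/, '') + '-';
  }
  return out;
}

// Inverse of the above, i.e. roughly what a browser does once it has been
// told (or has inherited from a parent frame) that the document is UTF-7.
function utf7Decode(str) {
  let out = '';
  let i = 0;
  while (i < str.length) {
    if (str[i] !== '+') { out += str[i]; i++; continue; }
    i++;                                                   // skip '+'
    if (str[i] === '-') { out += '+'; i++; continue; }     // "+-" is a plus
    let b64 = '';
    while (i < str.length && /[A-Za-z0-9+/]/.test(str[i])) { b64 += str[i]; i++; }
    if (str[i] === '-') i++;                               // optional terminator
    const buf = Buffer.from(b64, 'base64');                // Node tolerates no padding
    for (let j = 0; j + 1 < buf.length; j += 2) {
      out += String.fromCharCode((buf[j] << 8) | buf[j + 1]);
    }
  }
  return out;
}

// A deliberately naive comment filter: accepts anything without '<' or '>'.
// It represents the kind of check the UTF-7 payload is designed to evade.
function naiveAngleBracketFilter(comment) {
  return !/[<>]/.test(comment);
}

// Countermeasure: make sure every HTML response declares its charset, so a
// framing page cannot impose UTF-7 on it. Returns the corrected header value.
function ensureCharset(contentType, fallback = 'UTF-8') {
  if (!contentType) return `text/html; charset=${fallback}`;
  if (/;\s*charset=/i.test(contentType)) return contentType;
  return `${contentType}; charset=${fallback}`;
}

// Constructed demonstration payload.
const payload = '<script>alert(1)</script>';
const encoded = utf7Encode(payload);
console.log('UTF-7 payload :', encoded);                        // +ADw-script+AD4-alert(1)+ADw-/script+AD4-
console.log('filter accepts:', naiveAngleBracketFilter(encoded)); // true (bypass)
console.log('browser sees  :', utf7Decode(encoded));           // <script>alert(1)</script>
console.log('fixed header  :', ensureCharset('text/html'));      // text/html; charset=UTF-8

module.exports = { utf7Encode, utf7Decode, naiveAngleBracketFilter, ensureCharset };
```

Declaring the charset in the HTTP header is preferable to a `<meta>` tag alone, since the header is authoritative before any of the body is parsed; the server-side filter, by contrast, cannot be fixed by decoding UTF-7 first, because the attacker can choose whichever encoding the browser will later be tricked into applying.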
According to the security advisory, the vulnerability is not present in Opera 8 or Internet Explorer 6.
- Multiple Browsers Cross Domain Charset Inheritance Vulnerability, advisory from Stefan Esser
- Improvements to help protect against Cross-Site Scripting attacks, security advisory from the Mozilla Foundation