Multiple Browser Frame Injection Spoofing

1998-12-03T00:00:00
ID OSVDB:7296
Type osvdb
Reporter Gary McKay, Mark Laurence (m.laurence@groveindependentschool.co.uk), http-equiv (http-equiv@excite.com)
Modified 1998-12-03T00:00:00

Description

Vulnerability Description

Multiple web browsers contain a flaw that may allow a malicious user to spoof the content of websites. The issue is triggered when arbitrary content from a malicious website is loaded into a separate frame in another browser window. This may allow content to load that appears to originate from a trusted site, resulting in a loss of integrity.

Technical Description

Although this vulnerability dates back to 1998, many web browsers released since then have shipped with the same issue. In other cases, browsers such as Firefox and Mozilla fixed the vulnerability and then re-introduced it in later versions.

Solution Description

Depending upon the vendor, either upgrade to the most recent release or install the available patches, as these solutions have been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): do not visit or follow links from untrusted websites.

References:

Vendor Specific Solution URL: http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01230
Vendor Specific News/Changelog Entry: https://bugzilla.mozilla.org/show_bug.cgi?id=246448
Vendor Specific News/Changelog Entry: http://bugs.debian.org/261740
Security Tracker: 1011177
Secunia Advisory ID: 13477, 16095, 16233, 16418, 16437, 16473, 16797, 17057, 11966, 12465, 13486, 13560, 15432, 16141, 16157, 16257, 16326, 16446, 17645, 12283, 12343, 12725, 12491, 15602, 16151, 16197, 16894, 17235, 11978, 12284, 12495, 12521, 12747, 15601, 16164, 16168, 16230
RedHat RHSA: RHSA-2005:587
RedHat RHSA: RHSA-2005:586
Other Advisory URL: http://security.gentoo.org/glsa/glsa-200408-13.xml
Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:082
Other Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-412.html
Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:150
Other Advisory URL: http://www.kde.org/info/security/advisory-20041213-1.txt
Other Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-149-1
Other Advisory URL: http://lists.suse.com/archive/suse-security-announce/2005-Jul/0006.html
Other Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc
Other Advisory URL: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.440345
Other Advisory URL: http://www.suse.de/de/security/2004_36_mozilla.html
Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml
Other Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.25/SCOSA-2005.25.txt
Other Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.418880
Other Advisory URL: http://www.debian.org/security/2005/dsa-810
Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:086
Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000864
Other Advisory URL: http://security.gentoo.org/glsa/glsa-200507-14.xml
Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200507-24.xml
Other Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-155-1
Other Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:128
Other Advisory URL: http://www.novell.com/linux/security/advisories/2005_45_mozilla.html
Other Advisory URL: http://www.debian.org/security/2005/dsa-775
Other Advisory URL: http://www.debian.org/security/2005/dsa-777
Microsoft Security Bulletin: ms98-020
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/1036.html
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/1038.html
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-10/1037.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-09/0236.html
Keyword: HPSBOV01229
Keyword: SSRT5999
Keyword: SCOSA-2005.49
ISS X-Force ID: 1598
Generic Exploit URL: http://packetstormsecurity.org/0401-exploits/malwareSpoof.txt
CVE-2004-0718
CVE-2004-0721
CVE-2004-0719
CVE-2004-0720
CVE-2005-1937
CVE-2004-1158
CVE-2004-0717
Bugtraq ID: 11140
Bugtraq ID: 10921