Page 1 of 1

Firefox "vulnerabilities"

Posted: Thu Feb 17, 2005 9:25 am
by XMEN Gambit
Hey, you FF fans out there, this is just a news bulletin if you hadn't heard. There are tricks that can be used to compromise systems using a Firefox browser - though so far they all require user cooperation to some extent.

Eric Johanson recently put out an advisory demonstrating how "homograph attacks" can work against Firefox (and Konqueror). These attacks take advantage of international domain names, which can be written in non-ASCII character sets. The problem is that many non-ASCII characters are rendered just like (or very nearly like) characters in the ASCII set; as a result, a visually identical domain name can actually point somewhere unexpected. An example provided by Mr. Johanson is <pre>www.p&#1072;ypal.com</pre> which your browser renders as <pre>www.p&#1072;ypal.com (g: NOT really paypal!)</pre> This technique, clearly, could be used for phishing attacks - especially when one considers that SSL certificates can contain non-ASCII characters too. It is said that a short-term workaround for this problem is to turn off the network.enableIDN parameter in the about:config screen, but this workaround does not work for all users, and it does not persist across sessions.

Meanwhile, "mikx" has posted a set of three different Firefox vulnerabilities. "Fireflashing" is a trick that, in conjunction with the Flash plugin, can be used to trick a Firefox user into changing configuration parameters. The "firedragging" vulnerability gets around some restrictions to possibly allow a (Windows) user to put a web-supplied executable file onto the desktop. And "firetabbing" circumvents the isolation between sites when links are dragged to different tabs. All of these vulnerabilities have been acknowledge by the Mozilla Project and fixes have been committed.

These attacks are not truly devastating. They make certain kinds of phishing and social engineering attacks easier, but, hopefully, should not fool suitably careful users. But they do show that the level of interest in Firefox vulnerabilities is on the increase.
Text quoted from LWN