-=PCTechTalk=- [SA12160] Mozilla / Mozilla Firefox "onunload" SSL Certificate Spoofing

• From: "Tempting2Taanzaa" <tempting2taanzaa@xxxxxxxx>
• To: <pctechtalk@xxxxxxxxxxxxx>
• Date: Mon, 26 Jul 2004 22:51:25 -0700

As taken from a Secunia Advisory:



TITLE:
Mozilla / Mozilla Firefox "onunload" SSL Certificate Spoofing

SECUNIA ADVISORY ID:
SA12160

VERIFY ADVISORY:
http://secunia.com/advisories/12160/

CRITICAL:
Moderately critical

IMPACT:
Spoofing

WHERE:
From remote

SOFTWARE:
Mozilla Firefox 0.x
http://secunia.com/product/3256/
Mozilla 1.7.x
http://secunia.com/product/3691/

DESCRIPTION:
Emmanouel Kellinis has reported a vulnerability in Mozilla and
Mozilla Firefox, allowing malicious sites to abuse SSL certificates
of other sites.

It is possible to make the browser load a valid certificate from a
trusted website by using a specially crafted "onunload" event. The
problem is that Mozilla loads the certificate from a trusted website
and shows the "secure padlock" while actually displaying the content
of the malicious website.

The URL shown in the address bar correctly reads that of the
malicious website.

This has been confirmed using Mozilla Firefox 0.9.2 and Mozilla 1.7.1
on Windows and Mozilla Firefox 0.9.1 on Linux. Other versions may also
be affected.

SOLUTION:
Do not follow links from untrusted websites.

Verify the correct URL in the address bar with the one in the SSL
certificate.

PROVIDED AND/OR DISCOVERED BY:
Emmanouel Kellinis

ORIGINAL ADVISORY:
http://www.cipher.org.uk/index.php?p=advisories/Certificate_Spoofing_Mozilla_FireFox_25-07-2004.advisory

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=taanzaa@xxxxxxxxxx

----------------------------------------------------------------------


To unsub or change your email settings:
http://www.freelists.org/webpage/pctechtalk

To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
http://www.freelists.org/archives/pctechtalk/

For more info:
http://www.freelists.org/cgi-bin/list?list_id=pctechtalk

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription