Fresh Javascript Browser Exploit

Discussion in 'News and Article Comments' started by syngod, Jun 26, 2005.

  1. syngod

    syngod Moderator

    Hot on the heels of an exploit which allowed Javascript popups to appear in front of another site, Neowin has learned of another, potentially more dangerous, use for the script.

    The latest problem, reported to us by Neowin user flanderssoft, centres around the ability to refresh a page other than the one currently open - if that page has loaded a popup in the first place. It would allow visitors clicking on a malicious link to Hotmail to initially be served with the correct page, before being transferred seconds later to one which looks identical on another server. If the URLs were similar, it's likely many users wouldn't notice the change.

    The exploit sample below only works on IE; however, tests seem to suggest it may work on other browsers. The only reason it doesn't in this case is the use of an unusual extension (.srf) throwing them off.

    It's likely this exploit, like the previous one, may not be patched; many sites use this ability in a legitimate way to refresh a page after a link in another window is clicked. Therefore the only way to avoid it is, as always, to not click suspicious links - or to disable Javascript.

    Sample Exploit

    Source: Neowin
     