Juniper Networks

Signature Detail

  • Short Name: HTTP:EXT:DOT-XUL
  • Severity: Low
  • Recommended: No
  • Category: HTTP
  • Keywords: Mozilla Firefox XUL Browser Interface Spoofing
  • Release Date: 2005/02/15
  • Update Number: 1213
  • Supported Platforms: idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mozilla Firefox XUL Browser Interface Spoofing


This signature detects an attempt to download a Mozilla Firefox XML User Interface Language (.xul) file. Opening a malicious .xul file can allow arbitrary code execution, leading to system compromise. This vulnerability is present in Firefox versions prior to version 0.9. This file type also has legitimate uses, so not every match on this signature is an actual attack.

Extended Description

Mozilla Firefox is reported prone to an interface spoofing vulnerability. The issue arises because JavaScript code is allowed, by default, to hide the Mozilla Firefox interface and status bar. A fake Mozilla Firefox interface may then be created using the XML User Interface Language API, and this interface may aid in phishing-style attacks. This misrepresentation may fool a user into trusting a malicious site, which would likely ask the user to submit sensitive or private information.

Affected Products

  • Conectiva Linux 10.0.0
  • Conectiva Linux 9.0.0
  • Mozilla Browser 1.0.0
  • Mozilla Browser 1.0.0 RC1
  • Mozilla Browser 1.0.0 RC2
  • Mozilla Browser 1.0.1
  • Mozilla Browser 1.0.2
  • Mozilla Browser 1.1.0
  • Mozilla Browser 1.1.0 Alpha
  • Mozilla Browser 1.1.0 Beta
  • Mozilla Browser 1.2.0
  • Mozilla Browser 1.2.0 Alpha
  • Mozilla Browser 1.2.0 Beta
  • Mozilla Browser 1.2.1
  • Mozilla Browser 1.3.0
  • Mozilla Browser 1.3.1
  • Mozilla Browser 1.4.0
  • Mozilla Browser 1.4.0 A
  • Mozilla Browser 1.4.0 B
  • Mozilla Browser 1.4.1
  • Mozilla Browser 1.4.2
  • Mozilla Browser 1.5.0
  • Mozilla Browser 1.6.0
  • Mozilla Browser 1.7.0
  • Mozilla Browser 1.7.0 Rc3
  • Mozilla Browser 1.7.1
  • Mozilla Firefox 0.10.0
  • Mozilla Firefox 0.10.1
  • Mozilla Firefox 0.8.0
  • Mozilla Firefox 0.9.0
  • Mozilla Firefox 0.9.0 Rc
  • Mozilla Firefox 0.9.1
  • Mozilla Firefox 0.9.2
  • Mozilla Firefox 0.9.3
  • Mozilla Firefox 1.0.0
  • Mozilla Firefox Preview Release
  • Mozilla Thunderbird 0.7.0
  • Red Hat Fedora Core1
  • Red Hat Linux 7.3.0
  • Red Hat Linux 7.3.0 I386
  • Red Hat Linux 7.3.0 I686
  • Red Hat Linux 9.0.0 I386
  • SCO Unixware 7.1.4
  • SGI Advanced Linux Environment 3.0.0
  • SuSE Linux 8.1.0
  • SuSE Linux Desktop 1.0.0
  • SuSE Linux Personal 8.2.0
  • SuSE Linux Personal 9.0.0
  • SuSE Linux Personal 9.0.0 X86 64
  • SuSE Linux Personal 9.1.0
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9

References

  • BugTraq: 10832
  • CVE: CVE-2004-0764
  • URL: http://www.securityfocus.com/bid/10832
  • URL: http://xforce.iss.net/xforce/xfdb/16837

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.