Juniper Networks Security Intelligence Center

Signature Detail

Short Name

HTTP:STC:MOZILLA:IFRAME-SRC

Severity

Medium

Recommended

No

Recommended Action

Drop

Category

HTTP

Keywords

Mozilla Java Script in IFRAME Src

Release Date

2005/05/09

Update Number

1213

Supported Platforms

idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mozilla Java Script in IFRAME Src


This signature detects cross-site scripting attempts in which an IFRAME tag carries maliciously crafted JavaScript in its src attribute. Attackers use such a frame to trigger an input validation error in the browser.
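To make the detection concrete, here is an added example (written for this page, not Juniper's signature logic) that scans an HTTP response body for IFRAME elements whose src resolves to the javascript: scheme. The sample bodies are constructed; the entity decoding and the stripping of embedded whitespace before the scheme check are my assumptions about what a robust matcher should tolerate, not a description of how the IDP engine matches.

```python
import html
import re

# Constructed sample response bodies (not taken from the original page).
SAMPLES = {
    "benign": '<html><body><iframe src="https://example.test/widget"></iframe></body></html>',
    "plain": '<iframe src="javascript:alert(1)"></iframe>',
    # Entity-encoded "j" and a tab inside the scheme: browsers still treat this as javascript:
    "obfuscated": '<IFRAME SRC="&#106;ava&#09;script:alert(1)">',
}

# Match an <iframe ...> opening tag and capture its attribute text.
IFRAME_RE = re.compile(r"<\s*iframe\b([^>]*)>", re.IGNORECASE | re.DOTALL)
# Match src=... in double quotes, single quotes, or unquoted.
SRC_RE = re.compile(
    r"""\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""",
    re.IGNORECASE | re.DOTALL,
)


def normalise_src(value: str) -> str:
    """Decode HTML entities, drop whitespace/control characters that browsers
    ignore inside a URL scheme, and lower-case the result."""
    decoded = html.unescape(value)
    cleaned = "".join(ch for ch in decoded if not ch.isspace() and ord(ch) > 31)
    return cleaned.lower()


def find_script_iframes(body: str) -> list:
    """Return the raw src values of every IFRAME whose src uses the javascript: scheme."""
    hits = []
    for tag in IFRAME_RE.finditer(body):
        attrs = tag.group(1)
        src = SRC_RE.search(attrs)
        if not src:
            continue
        raw = next(g for g in src.groups() if g is not None)
        if normalise_src(raw).startswith("javascript:"):
            hits.append(raw)
    return hits


def classify(body: str) -> str:
    """Mirror the signature's recommended action: 'drop' on a hit, else 'pass'."""
    return "drop" if find_script_iframes(body) else "pass"


if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(f"{name}: {classify(body)} {find_script_iframes(body)}")
```

The normalisation step matters more than the regex itself: a matcher that only looks for the literal string `javascript:` misses the entity-encoded form in the third sample, which a browser renders exactly like the plain one.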

Extended Description

Mozilla Firefox is prone to a security vulnerability that could result in the execution of arbitrary code without requiring user interaction. Initial analysis of the vulnerability reveals that it relies on a three-stage attack that may lead to an arbitrary script gaining 'UniversalXPConnect' privileges. A remote attacker may be able to exploit this issue to take arbitrary actions on the vulnerable computer in the context of the user that is running the affected browser. This vulnerability is reported in all versions of Mozilla Firefox browsers up to 1.0.3. To be exploitable, a site listed in a victim user's configuration to allow extension installation must be prone to a cross-site scripting vulnerability. By default, 'update.mozilla.org' and 'addon.mozilla.org' are both listed as trusted sites for extension installation.

*Update: The cross-site scripting vulnerability that the publicly available exploit relied on in the mozilla.org domain has been fixed. This issue is no longer exploitable through this public attack vector.

Affected Products

  • HP Secure Web Browser for OpenVMS Alpha 1.7.0 -7
  • Mozilla Browser 1.0.0
  • Mozilla Browser 1.0.0 RC1
  • Mozilla Browser 1.0.0 RC2
  • Mozilla Browser 1.0.1
  • Mozilla Browser 1.0.2
  • Mozilla Browser 1.1.0
  • Mozilla Browser 1.1.0 Alpha
  • Mozilla Browser 1.1.0 Beta
  • Mozilla Browser 1.2.0
  • Mozilla Browser 1.2.0 Alpha
  • Mozilla Browser 1.2.0 Beta
  • Mozilla Browser 1.2.1
  • Mozilla Browser 1.3.0
  • Mozilla Browser 1.3.1
  • Mozilla Browser 1.4.0
  • Mozilla Browser 1.4.0 A
  • Mozilla Browser 1.4.0 B
  • Mozilla Browser 1.4.1
  • Mozilla Browser 1.4.2
  • Mozilla Browser 1.4.4
  • Mozilla Browser 1.5.0
  • Mozilla Browser 1.5.1
  • Mozilla Browser 1.6.0
  • Mozilla Browser 1.7.0
  • Mozilla Browser 1.7.0 Alpha
  • Mozilla Browser 1.7.0 Beta
  • Mozilla Browser 1.7.0 Rc1
  • Mozilla Browser 1.7.0 Rc2
  • Mozilla Browser 1.7.0 Rc3
  • Mozilla Browser 1.7.1
  • Mozilla Browser 1.7.2
  • Mozilla Browser 1.7.3
  • Mozilla Browser 1.7.4
  • Mozilla Browser 1.7.5
  • Mozilla Browser 1.7.6
  • Mozilla Browser 1.7.7
  • Mozilla Firefox 0.10.0
  • Mozilla Firefox 0.10.1
  • Mozilla Firefox 0.8.0
  • Mozilla Firefox 0.9.0
  • Mozilla Firefox 0.9.0 Rc
  • Mozilla Firefox 0.9.1
  • Mozilla Firefox 0.9.2
  • Mozilla Firefox 0.9.3
  • Mozilla Firefox 1.0.0
  • Mozilla Firefox 1.0.1
  • Mozilla Firefox 1.0.2
  • Mozilla Firefox 1.0.3
  • Mozilla Firefox Preview Release
  • Netscape 7.0.0
  • Netscape 7.1.0
  • Netscape 7.2.0
  • Netscape 8.0.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • SCO Unixware 7.1.4
  • SGI Advanced Linux Environment 3.0.0
  • SGI ProPack 3.0.0
  • SuSE Linux Personal 9.0.0
  • SuSE Linux Personal 9.0.0 X86 64
  • SuSE Linux Personal 9.1.0
  • SuSE Linux Personal 9.1.0 X86 64
  • SuSE Linux Personal 9.2.0
  • SuSE Linux Personal 9.2.0 X86 64
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 5.0.0 4 Amd64
  • Ubuntu Ubuntu Linux 5.0.0 4 I386
  • Ubuntu Ubuntu Linux 5.0.0 4 Powerpc

References

  • BugTraq: 13544
  • CVE: CVE-2005-1476
  • URL: http://www.frsirt.com/english/advisories/2005/0493
  • URL: http://securitytracker.com/id?1013913

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.