[Windows] Internet Explorer 7 navcancl.htm Cross-Site Scripting Vulnerability
TITLE:
Internet Explorer 7 navcancl.htm Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID:
SA24535
VERIFY ADVISORY:
http://secunia.com/advisories/24535/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting, Spoofing
WHERE:
From remote
SOFTWARE:
Microsoft Internet Explorer 7.x http://secunia.com/product/12366/
DESCRIPTION:
Aviv Raff has discovered a vulnerability in Internet Explorer 7, which
can be exploited by malicious people to conduct phishing attacks.
An input validation error exists in the local resource page
“navcancl.htm” when generating the “Refresh the page” link. This can be
exploited to inject arbitrary script code to e.g. spoof the contents of
an arbitrary site when the user clicks on the “Refresh the page” link.
Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
http://secunia.com/Internet_Explorer_7_navcancl.htm_Cross-Site_Scripting_Vulnerability/
The vulnerability is confirmed in Internet Explorer 7 on a fully patched
Windows XP SP2 system. Other versions may also be affected.
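To illustrate the class of defect described above, here is an added JavaScript example, not code from the advisory or from Internet Explorer's navcancl.htm: a "Navigation Canceled" page that rebuilds its "Refresh the page" link from a caller-supplied target URL (assumed here to arrive as a plain string), first in the unsafe form and then with the target validated and HTML-escaped before it is placed into the link.

```javascript
// Constructed example: models a "Navigation Canceled" page that turns the
// URL it could not reach into a "Refresh the page" link. The target is
// assumed to arrive as a string (hypothetical source, e.g. a URL fragment).

// Unsafe pattern: the target is concatenated straight into the markup, so
// a quote or angle bracket in it lands in the page as live HTML.
function buildRefreshLinkUnsafe(targetUrl) {
  return '<a href="' + targetUrl + '">Refresh the page</a>';
}

// HTML attribute/text escaping for the five characters that matter.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Only http/https targets are acceptable for a refresh link. Anything
// else (javascript:, data:, res:, or an unparsable string) is rejected.
// Parsing with the WHATWG URL class also normalises the value, so quotes
// and angle brackets in the path or query come back percent-encoded.
function sanitizeRefreshTarget(targetUrl) {
  let parsed;
  try {
    parsed = new URL(String(targetUrl));
  } catch (e) {
    return null; // not a URL at all
  }
  if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') return null;
  return parsed.href;
}

// Hardened builder: validate the scheme, then escape before embedding.
// When the target is unacceptable, render plain text instead of a link.
function buildRefreshLinkSafe(targetUrl) {
  const target = sanitizeRefreshTarget(targetUrl);
  if (target === null) return '<span>Refresh the page</span>';
  return '<a href="' + escapeHtml(target) + '">Refresh the page</a>';
}
```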
SOLUTION:
Do not follow links from untrusted sources.
Do not click the “Refresh the page” link when the “Navigation Canceled”
page is displayed.
PROVIDED AND/OR DISCOVERED BY:
Aviv Raff
ORIGINAL ADVISORY:
http://aviv.raffon.net/2007/03/14/PhishingUsingIE7LocalResourceVulnerability.aspx