Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Microsoft / Internet Explorer

Internet Explorer

IE8 Beta 1 Attack Code Available in the Wild

Internet Explorer "Print Table of Links" cross-zone scripting vulnerability

By Marius Oiaga, Technology News Editor

16th of May 2008, 11:32 GMT

Adjust text size:


Internet Explorer
Enlarge picture
Security researcher Aviv Raff has released an example of attack code for Internet Explorer 7 and Internet Explorer 8 Beta 1 in the wild. According to Raff Microsoft's Internet Explorer browser is vulnerable to exploits targeting a Cross-Zone Scripting security flaw that affects the "Print Table of Links" feature. Under normal conditions, via "Print Table of Links", users are able to print not only a webpage but also a table with all the links
on the page in an appendix.

"An attacker can easily add a specially crafted link to a webpage (e.g. at his own website, comments in blogs, social networks, Wikipedia, etc.), so whenever a user will print this webpage with this feature enabled, the attacker will be able to run arbitrary code on the user's machine (i.e. in order to take control over the machine)", Raff explained.

According to the Israeli security researcher the vulnerability can be exploited on IE7 and IE8 Beta 1 running on Windows XP, in such a manner that an attacker could gain complete control over the operating system. The User Account Control mitigation built into Windows Vista prevents complete take-over of the platform, allowing only for information leakage. Raff managed not only to detail the vulnerability but also to make the proof-of-concept available for download. Microsoft was informed of the flaw last week but so far failed to deliver a patch.

"Whenever a user prints a page, Internet Explorer uses a local resource script which generates a new HTML to be printed. This HTML consists of the following elements: Header, webpage body, Footer, and if enabled, also the table of links in the webpage. While the script takes only the text within the link's inner data, it does not validate the URL of links, and add it to the HTML as it is. This allows to inject a script that will be executed when the new HTML will be generated", Raff added.

TAGS:

 IE7 | IE8 | Internet Explorer 8 | Beta 1 | vulberability


Rating:
Very Good (4.2/5) 5 vote(s) so far    

Read by 1,411 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Microsoft Launches IE 8 Beta 1 and IE7 Tree-Hugging Exclusive Website

IE8 Beta 1 Fixing What's Wrong with IE7

Opera 9.5 Beta 2 Available for Download

Mozilla Nearing the Finish Line for Firefox 3.0

XP SP3 Ships Complete with a Range of Issues that Survived RTM

Original XP SP3 RTM Integrated Slipstream ISO Images Leaked

Internet Explorer 8 Beta 1 ActiveX Security

Internet Explorer 8 Critical Zero-Day Security Vulnerability Released in the Wild

Installing Custom IE7 Optimized Packages on XP SP3 RTM

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive