Google Toolbar Dialog Spoofing Vulnerability

To: <bugtraq@xxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Google Toolbar Dialog Spoofing Vulnerability
From: "avivra" <avivra@xxxxxxxxx>
Date: Tue, 18 Dec 2007 22:13:46 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date:message-id:mime-version:content-type:content-transfer-encoding:x-mailer:thread-index:content-language; bh=hFKiC+3daIS9jq4GCipwB7fInVa+pme1Pl2iZVxM2JY=; b=h8URGMvPifYg6AIT0bKwcWTWdWhuVI/Ec/jNFv79lrnMb/3+1Ub/72QIFYe2gvy4kAcFNLwaOi4qcI4ZTrmnpfq0HJP5xEaOTYqnZ65x1rxDe8RsSdFdHt9VczxNRv+bPlcIaohwNbDQ/M73fv+xABlzI/+Rg2k0ufmYwm7WTfw=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:message-id:mime-version:content-type:content-transfer-encoding:x-mailer:thread-index:content-language; b=A0Sz5fCQo26hN+FzDqMuQFtbTKKziEaA8hTchydLA5BaynGKVh7BWHkgc8KC7Lu/wdZIWmTjKvp6k8v5pguv3E27pGpC/zP8G0ioSi/kxuAQsJH13kQK9muyRIAEmZrKMW9+AZFR9/9lxsHcPA1FGX5fbDxO+4PIepnuehyM8aY=
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Thread-index: AchBsn2cKvZGK5+/Q/643GgIY00xzw==

Google Toolbar allows spoofing the information presented in the dialog which
is being displayed when adding a new Google Toolbar button. This can allow
an attacker to convince the users that his button comes from a trusted
domain. This button can then be used to download malicious files or conduct
phishing attacks (e.g. show a login form of a bank).

Affected versions
* Google Toolbar 5 beta for Internet Explorer 
* Google Toolbar 4 for Internet Explorer 
* Google Toolbar 4 for Firefox (partially)

Technical details:
http://aviv.raffon.net/2007/12/18/GoogleToolbarDialogSpoofingVulnerability.a
spx

--Aviv.

Prev by Date: Tiger Team: New TV series about pen testers airing on CourtTV Dec 25 11 pm
Next by Date: AST-2007-027 - Database matching order permits host-based authentication to be ignored
Previous by thread: Re: Tiger Team: New TV series about pen testers airing on CourtTV Dec 25 11 pm
Next by thread: AST-2007-027 - Database matching order permits host-based authentication to be ignored
Index(es):
- Date
- Thread