Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
- From: theindigowolf@xxxxxxxxx
- Date: Thu, 20 Nov 2008 16:30:15 +0000
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:x-rim-org-msg-ref-id :message-id:content-transfer-encoding:reply-to:x-priority :sensitivity:importance:to:subject:from:date:content-type :mime-version; bh=/WZ679BP6q+hHoIPbbdQ2yRv3qtXc3KK5AnebVrwbYQ=; b=Nmj1wai8BhShBgO6HX7Cozta4LSf5Tjj14imnPWEivW5eSRgZISE5ATOSRJg/v08N4 yejRC976hN05mZL9ErUN/Ly7ll9QTOi7CSiByz4m9DPQFAH9hbDX+lSbecMS63OPsSrp pheU6mh3dcJwO40LKJGzhmyzqGiG/sVrpDuDM=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=x-rim-org-msg-ref-id:message-id:content-transfer-encoding:reply-to :x-priority:sensitivity:importance:to:subject:from:date:content-type :mime-version; b=cWCVS3NOib4SnD8aB4wGk8RVG+0o7C/TdBii4QZufVxoAytMIQEAvAqvQD4WODqSAT hCdI3rZ8E63HB+xoQMFnXz1/oA6q3uAlpBP/iUHkB5hjy9uf2e4sU3DrcUk1XHpHweCa XA1NaIn2g1H5SReyZ1s8Igf018KkdY3H2y56k=
- Importance: Normal
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
- Reply-to: theindigowolf@xxxxxxxxx
- Sensitivity: Normal
Does that also hold true if you use a javascript/java applet to deliver the URL
rather than just placing it in a text link?
------Original Message------
From: psy.echo@xxxxxxxxx
Sender:
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow
Sent: Nov 19, 2008 5:59 PM
Hi Peter,
Apropos File URI scheme, if you are saying about accessing a file with
something like file://abcd... in a link, 'over a network', then most of the
browsers (perhaps all) do not follow "file:" links on a page that is fetched
with "HTTP". The purpose is "security" or to prevent a remote page from
executing a program on the visitor's computer.
The file: links work on pages that are local files on the user's disk! Though
in some browsers these settings can be changed. That is why the Opera exploit
through file://abcd.... does not work on network.
Hope it answers your query!
--
Thanks & Regards,
Rishi Narang | Security Researcher
Member, Evil Fingers
Vulnerability Research Analyst, Third Brigade Labs
Blog: www.greyhat.in | Associations: www.evilfingers.com | www.thirdbrigade.com
.... eschew obfuscation, espouse elucidation.
Sent via BlackBerry by AT&T