General :  K-Meleon Web Browser Forum
General discussion about K-Meleon 
0.9.13 is affected by the View Image security issue
Posted by: Juha-Matti
Date: May 07, 2006 08:57PM

Information about the sample URL related to the View Image vulnerability has been released today.
When using this test URL
http://www.gavinsharp.com/tmp/ImageVuln.html

the behaviour of K-Meleon 0.9.13 is similar to that of Firefox 1.5.0.3.
When you choose View Image from the right-click menu, Windows Media Player launches and opens a .wav file without user interaction too.
This issue is the so-called local resources linking vulnerability, and a broken image is used to exploit it.

Re: 0.9.13 is affected by the View Image security issue
Posted by: Fred
Date: May 07, 2006 09:53PM

Juha-Matti, thank you for the information.
The process needs active participation of the user, in order to open a broken image by right-clicking and selecting "View Image". There also has to be a plugin installed that would automatically open the file with the wrong filetype. It is advisable to check the image properties via the right-click menu before following the order "View Image", or better, not doing that at all at present.

Fred

Re: 0.9.13 is affected by the View Image security issue
Posted by: Juha-Matti
Date: May 07, 2006 10:15PM

Thanks for replying so soon.
Yes, some user interaction is needed, i.e. instructions such as "Select View Image from the right-click menu" etc.

I remember Secunia's advisory
http://secunia.com/advisories/19698/
from last month, their advice was (and is) not to use the "View Image" functionality on untrusted web sites.
For some reason this was not included in the Firefox 1.5.0.3 update, but when we have FF 1.5.0.4 then we will have the fix in the Gecko code too.

Re: 0.9.13 is affected by the View Image security issue
Posted by: Juha-Matti
Date: May 08, 2006 08:23PM

The new address of the test URL is now
http://www.gavinsharp.com/tmp/ImageVuln2.html
The URL mentioned in my original posting includes a summary of the security issue and some background information from the author, Mr. Sharp.

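A defender-side illustration of the "broken image" case discussed in this thread, added here as an example; it is not code from the posts above nor from K-Meleon or Gecko. It is a small content-sniffing check, of the kind a proxy or content filter could run, that flags a resource referenced as an image whose leading bytes are really a RIFF/WAVE file rather than any image format. The byte strings at the bottom are constructed samples, not files from the test URL.

```python
"""Sniff the real type of bytes that a page offers as an image.

Constructed example: compare the first bytes of a resource referenced
by an <img> tag with the signatures of real image formats. A "broken
image" whose bytes are actually a RIFF/WAVE file is exactly the case a
browser's View Image action would hand to a media player; reporting the
mismatch instead is the defensive check.
"""
from typing import Optional

# Magic numbers for the image formats the check accepts.
IMAGE_SIGNATURES = {
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"\xff\xd8\xff": "image/jpeg",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
    b"BM": "image/bmp",
}


def sniff_type(data: bytes) -> Optional[str]:
    """Return the MIME type implied by the leading bytes, or None."""
    for magic, mime in IMAGE_SIGNATURES.items():
        if data.startswith(magic):
            return mime
    # RIFF container: bytes 8..12 name the form type ("WAVE", "AVI ", ...).
    if data[:4] == b"RIFF" and len(data) >= 12:
        form = data[8:12]
        if form == b"WAVE":
            return "audio/wav"
        if form == b"AVI ":
            return "video/x-msvideo"
        return "application/x-riff"
    return None


def classify_image_resource(data: bytes) -> str:
    """Classify bytes fetched for an <img> src.

    'ok'       -> a real image
    'mismatch' -> recognisable non-image (the .wav case in this thread)
    'unknown'  -> unrecognised; treat as a broken image, never hand off
    """
    mime = sniff_type(data)
    if mime is None:
        return "unknown"
    return "ok" if mime.startswith("image/") else "mismatch"


# Constructed sample inputs (hypothetical headers, not real files).
WAV_HEADER = b"RIFF" + (36).to_bytes(4, "little") + b"WAVEfmt "
PNG_HEADER = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8
```

Run against a fetched body, a "mismatch" result is the signal to block the hand-off to an external helper application rather than rely on the user checking image properties by hand.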


K-Meleon forum is powered by Phorum.