What type of script is this?

General discussion about the NoScript extension for Firefox
RickRasta
Posts: 1
Joined: Thu Dec 17, 2009 11:33 am

What type of script is this?

Post by RickRasta » Thu Dec 17, 2009 12:18 pm

I found this short animation that plays on this page: http://blog.avast.com/2009/12/10/100-million-users/ (the clip about the 100 millionth user). This plays even when no scripts are running. Could anyone use this type of script for more mischievous purposes? Or what type of script is it that NoScript doesn't block? Or am I mistaken and this is not even any type of script?
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6

therube
Ambassador
Posts: 7669
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: What type of script is this?

Post by therube » Thu Dec 17, 2009 2:51 pm

Not a "clip".
It's an animated GIF. Just like this :oops: .

So whatever exploits that may exist against a GIF renderer, I guess could be exploited.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.6) Gecko/20091206 SeaMonkey/2.0.1
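
Added example, not part of the thread or any poster's code: a bounds-checked Python walk over the GIF block structure, showing that the animation is a sequence of image frames plus timing extensions rather than script, and that the attack surface therube mentions is the decoder that parses these blocks. The function names and the sample bytes are constructed for illustration.

```python
class GifError(ValueError):
    """Raised when the byte stream is not a well-formed GIF."""

def _skip_sub_blocks(data, pos):
    # Data sub-blocks are length-prefixed; a zero length ends the chain.
    while True:
        if pos >= len(data):
            raise GifError("truncated sub-block chain")
        size = data[pos]
        pos += 1
        if size == 0:
            return pos
        pos += size

def _skip_color_table(data, pos, packed):
    # Bit 7 flags a color table of 2^(n+1) RGB entries, n = low 3 bits.
    if packed & 0x80:
        pos += 3 * (2 << (packed & 0x07))
    if pos > len(data):
        raise GifError("color table runs past end of file")
    return pos

def count_gif_frames(data):
    """Walk the block structure with bounds checks; return the frame count."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        raise GifError("not a GIF")
    pos = _skip_color_table(data, 13, data[10])
    frames = 0
    while pos < len(data):
        block, pos = data[pos], pos + 1
        if block == 0x3B:                       # trailer: end of stream
            return frames
        if block == 0x21:                       # extension: label + sub-blocks
            pos = _skip_sub_blocks(data, pos + 1)
        elif block == 0x2C:                     # image descriptor: one frame
            if pos + 9 > len(data):
                raise GifError("truncated image descriptor")
            pos = _skip_color_table(data, pos + 9, data[pos + 8])
            pos = _skip_sub_blocks(data, pos + 1)   # +1: LZW min code size
            frames += 1
        else:
            raise GifError(f"unknown block type 0x{block:02x}")
    raise GifError("missing trailer")

# Constructed sample input: 1x1 GIFs with a 2-entry global color table.
_HEAD = b"GIF89a\x01\x00\x01\x00\x80\x00\x00" + b"\x00\x00\x00\xff\xff\xff"
_GCE = b"\x21\xf9\x04\x00\x0a\x00\x00\x00"     # graphic control ext (frame delay)
_FRAME = b"\x2c\x00\x00\x00\x00\x01\x00\x01\x00\x00" + b"\x02\x02\x4c\x01\x00"
SAMPLE_STILL = _HEAD + _FRAME + b"\x3b"
SAMPLE_ANIMATED = _HEAD + (_GCE + _FRAME) * 2 + b"\x3b"
```

A frame count above 1 means the file is animated; malformed or truncated input raises `GifError` instead of reading past the buffer.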

Giorgio Maone
Site Admin
Posts: 8935
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy

Re: What type of script is this?

Post by Giorgio Maone » Thu Dec 17, 2009 10:48 pm

therube wrote: So whatever exploits that may exist against a GIF renderer, I guess could be exploited.

We should add that you can't do anything about it, short of disabling image display.
On the other hand, JPEG, GIF and PNG decoders are relatively simple and tested enough today to make a viable exploit very unlikely, especially if compared to how easy it is to mount an attack against JavaScript or plugins.
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 (.NET CLR 3.5.30729)

Tom T.
Field Marshal
Posts: 3620
Joined: Fri Mar 20, 2009 6:58 am

Re: What type of script is this?

Post by Tom T. » Tue Dec 29, 2009 9:12 am

Giorgio Maone wrote:
therube wrote: So whatever exploits that may exist against a GIF renderer, I guess could be exploited.

We should add that you can't do anything about it, short of disabling image display.
On the other hand, JPEG, GIF and PNG decoders are relatively simple and tested enough today to make a viable exploit very unlikely, especially if compared to how easy it is to mount an attack against JavaScript or plugins.

@ Giorgio: I have image.animation_mode set to "none". The Avast photos remain still images, as do all others. "Assuming" that an exploit were possible, would this prevent it, or are you saying that the exploit would be in one or more of the still images themselves, rather than in the animator?

I also have browser.blink_allowed set to "false".
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20
