TIF loaded as doc, handled by quicktime, not blocked in Fx2
Posted: Mon Jan 18, 2010 10:52 pm
NS 1.9.9.36
InformAction Forums
NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/
TIF loaded as doc, handled by quicktime, not blocked in Fx2
Page 1 of 1
Re: TIF loaded as doc, handled by quicktime, not blocked in Fx2
Posted: Mon Jan 18, 2010 11:17 pm
Sample page?
Re: TIF loaded as doc, handled by quicktime, not blocked in Fx2
Posted: Mon Jan 18, 2010 11:27 pm
Sort of confirmed using NoScript 1.9.9.37 on Fx 2.0.0.20
http://aiw2.uspto.gov/.aiw?docid=us2005 ... 0050177789
The image has the placeholder, as expected, but middle-clicking on the placeholder opens the tiff fully displayed in a new tab instead of the new tab just having a placeholder.
In Fx 3.5.7 the new tab has a placeholder, as expected.
On the other hand, a tiff image isn't active content, is it? Is there any security breach or is this just a difference in how it's handled by NoScript in the two different versions of Firefox.
Note that tiff has to be enabled in QuickTime's MIME settings, which doesn't seem to be the default.
Edit: My Fx 2.0.0.20 crashed while I was repeating the tests.
http://aiw2.uspto.gov/.aiw?docid=us2005 ... 0050177789
The image has the placeholder, as expected, but middle-clicking on the placeholder opens the tiff fully displayed in a new tab instead of the new tab just having a placeholder.
In Fx 3.5.7 the new tab has a placeholder, as expected.
On the other hand, a tiff image isn't active content, is it? Is there any security breach or is this just a difference in how it's handled by NoScript in the two different versions of Firefox.
Note that tiff has to be enabled in QuickTime's MIME settings, which doesn't seem to be the default.
Edit: My Fx 2.0.0.20 crashed while I was repeating the tests.
Re: TIF loaded as doc, handled by quicktime, not blocked in Fx2
Posted: Mon Jan 18, 2010 11:42 pm
there is no page, just a local tif, google ext:tif
Re: TIF loaded as doc, handled by quicktime, not blocked in Fx2
Posted: Tue Jan 19, 2010 3:28 am
?
...Re: TIF loaded as doc, handled by quicktime, not blocked in Fx2
Posted: Tue Jan 19, 2010 3:44 am
http://forums.informaction.com/viewtopi ... 288#p14288
Giorgio Maone wrote:We should add that you can't do anything about it, short than disabling image display.therube wrote:So whatever exploits that may exist against a gif render-er, I guess could be exploited.
On the other hand, Jpeg, GIF and PNG decoders are relatively simple and tested enough today to make a viable exploit very unlikely, especially if compared to how easy is mounting an attack against Javascript or plugins.