SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Generic)  >   Google Toolbar Vendors:   Google
Google Toolbar Input Validation Hole in 'About' Page Lets Local Users Execute Scripting Code
SecurityTracker Alert ID:  1011351
SecurityTracker URL:  http://securitytracker.com/id/1011351
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  Sep 19 2004
Original Entry Date:  Sep 17 2004
Impact:   Execution of arbitrary code via local system, User access via local system
Exploit Included:  Yes  
Version(s): Tested on 2.0.114.1-big/en (GGLD)
Description:   Viper reported an input validation vulnerability in the Google Toolbar. A local user can execute arbitrary scripting code.

It is reported that the 'About' section of the Google Toolbar does not properly filter HTML code. A user can create HTML that, when loaded by the target user, will invoke the About page and execute arbitrary scripting code in the context of the page.

A demonstration exploit is provided:

<s c r i p t>
window.showModalDialog("res://C:\\Program%20Files\\Google\\GoogleToolbar1.dll/ABOUT.HTML",
"<div style=\"background-image:
url(javascript:alert(location.href));\">");
</s>

Rafel Ivgi subsequently reported that the 'res:' protocol cannot be invoked from the Internet zone, preventing this flaw from being directly exploitable by remote users.
Impact:   A user can cause scripting code to be executed in the Local Computer security zone.
Solution:   No solution was available at the time of this entry.
Vendor URL:  toolbar.google.com/ (Links to External Site)
Cause:   Input validation error
Underlying OS:   Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Fri, 17 Sep 2004 09:51:10 +0100 (BST)
Subject:  GoogleToolbar:About -- Allows Script Injection


Affection Software : GoogleToolbar
Version : Tested on 2.0.114.1-big/en (GGLD)

Notes:
GoogleToolbar's About section allows injection of
script, since it lacks any checking. The following
code is a Proof Of Concept.

<s c r i p t>
window.showModalDialog("res://C:\\Program%20Files\\Google\\GoogleToolbar1.dll/ABOUT.HTML",
"<div style=\"background-image:
url(javascript:alert(location.href));\">");
</s c r i p t>

rgds,
Gregory R. Panakkal / Viper


________________________________________________________________________
Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC