[Full-disclosure] DoS attacks on email clients via protocol handlers
sirdarckcat at gmail.com
Sat Jun 12 17:06:41 BST 2010
So that attack could allow
an attacker to annoy millions of people with email client popups when
an email/visit facebook.
it's important to note that the attack was in a redirection, so it's
asuming the website ensured that the starting URL was https?://
On Sat, Jun 12, 2010 at 6:00 PM, Eduardo Vela <sirdarckcat at gmail.com> wrote:
> Since I saw you mentioned
> http://www.mozilla.org/security/announce/2010/mfsa2010-23.html I think
> it would be important for you to know the difference between that
> vulnerability and yours.
> The reason that was fixed, was because it's generally considered safe
> to embed images pointing off site, and is acceptable to consider it's
> generally safe (with a few exceptions like referrer leaking, and basic
> auth prompts), and a lot of websites, and online applications, like
> gmail, or facebook to mention a few do it. So that attack could allow
> an attacker to annoy millions of people with iframes when they receive
> an email/visit facebook.
> That was considered risky enough to make a fix, but still was
> considered low risk.
> All of your attacks with URI schemes are not exploitable this way, and
> are completely useless for that matter, I would recommend you to think
> "could this attack be exploited in mass? would it make people loss
> money/time?" before making more of those advisories.
> -- Eduardo
Full-Disclosure is hosted and sponsored by Secunia.