dock98 Posted February 18, 2008 Share Posted February 18, 2008 Opera, Firefox Bug Could Reveal Web TravelsAn intruder could manipulate a flaw in how the browsers handle image files to see where the user has been surfing.Jeremy Kirk, IDG News ServiceMonday, February 18, 2008 9:50 AM PSTA flaw in the way the Firefox and Opera browsers handle an image file could allow an attacker to see what Web sites a person has visited.The problem concerns how the two browsers handle a ".BMP," or bitmap, image file, according to an advisory written by Gynvael Coldwind of Vexillium.org, who posted a video illustrating the problem.A malicious bitmap file can be created that pulls other information from the browsers' memory. Some of the information that can be captured is random, but at other times could be valuable, the advisory said."The harvested data contains various information including parts of other Web sites, users' favorites and history and other information," Vexillium.org said.Using the "canvas" HTML (Hypertext Markup Language) tag supported by the browsers, an attacker can capture the data. Then, using JavaScript, the information can be sent to a remote server.full article Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.