Cross Domain Scripting Vulnerability, Javascript

[Guest]

After running SCANIT browser security
test(http://bcheck.scanit.be/bcheck/index.php)
the ressult shows 1 Medium Risk Vulnerability.

The sites description is as follows:
---------------------------------------------------------
Microsoft Internet Explorer file:javascript: Cross Domain Scripting
Vulnerability (ldy20030910-01)

Description
This bug allows a web site to read the contents of any file on your
computer. The web site has to know the exact path and name of the file. A
malicious website may also be able to exploit this vulnerability to delete
mail from your webmail account or to spoof trusted websites.

Technical Details
It is possible to inject JavaScript code into Search bar and Media bar in
Internet Explorer using "file:javascript:.." URL. The code will be execurted
in the domain context of the document that was loaded in the bar.

A malicious web site can first open a document from any domain in Search bar
and then execute JavaScript code getting access to the document.

There is a technique that allows injecting JavaScript code into Local
Computer zone using this vulnerability. This allows a malicious web site to
get access to local files and even execute arbitrary code. See "Additional
Information" for details.

Recommendations
We recommend using Windows Update to correct this problem.
-----------------------------------------------------------

'Windows Update' tells me my all mine are current and no new ones available
for download.

I am using WIN XP Pro-SP2, have Java plugin 1.4.2_06 for Windows, and would
appreciate any help with correcting this problem if possible.

Brad

 

[Frank Saunders, MS-MVP IE/OE]

After running SCANIT browser security
test(http://bcheck.scanit.be/bcheck/index.php)
the ressult shows 1 Medium Risk Vulnerability.

The sites description is as follows:
---------------------------------------------------------
Microsoft Internet Explorer file:javascript: Cross Domain Scripting
Vulnerability (ldy20030910-01)

Description
This bug allows a web site to read the contents of any file on your
computer. The web site has to know the exact path and name of the
file. A malicious website may also be able to exploit this
vulnerability to delete mail from your webmail account or to spoof
trusted websites.

Technical Details
It is possible to inject JavaScript code into Search bar and Media
bar in Internet Explorer using "file:javascript:.." URL. The code
will be execurted in the domain context of the document that was
loaded in the bar.

A malicious web site can first open a document from any domain in
Search bar and then execute JavaScript code getting access to the
document.

There is a technique that allows injecting JavaScript code into Local
Computer zone using this vulnerability. This allows a malicious web
site to get access to local files and even execute arbitrary code.
See "Additional Information" for details.

Recommendations
We recommend using Windows Update to correct this problem.
-----------------------------------------------------------

'Windows Update' tells me my all mine are current and no new ones
available for download.

I am using WIN XP Pro-SP2, have Java plugin 1.4.2_06 for Windows, and
would appreciate any help with correcting this problem if possible.

Brad

JavaScript has nothing to do with Java. They aren't related.

1. You might want to refresh your scripting engine:
http://msdn.microsoft.com/library/default.asp?url=/nhp/default.asp?contentid=28001169
or
http://msdn.microsoft.com/library/default.asp?url=/downloads/list/webdev.asp
Windows Script 5.6 for Windows 2000 and XP
http://www.microsoft.com/downloads/...43-7e4b-4622-86eb-95a22b832caa&DisplayLang=en

Sometimes there's a corrupt file in the cache and one must go to Tools |
Internet Options and click Delete Files.

2a. Start>Run>Regsvr32 vbscript.dll

2b. Start>Run>Regsvr32 jscript.dll

(WinXP users who have problems with 2a and 2b, see
http://www.mvps.org/inetexplorer/answers_9.htm)

3. Re-register all DLLs listed in http://support.microsoft.com/?kbid=281679

4. See also
Error Message When You Browse the Web: An Error Has Occurred in the Script
on This Page
http://support.microsoft.com/?kbid=306831
Scripting Errors When You View Web Pages in Internet Explorer after
Installing Office 2003
http://support.microsoft.com/?kbid=822521

5a. IE Tools>Internet Options>Advanced>Browsing>Enable third-party browser
extensions (uncheck & reboot).

5b. Find the hijacker that caused 5a to be checked (or if none were checked,
check for hijackware anyway):

Dealing with Hijackware
http://mvps.org/winhelp2002/unwanted.htm
http://aumha.org/a/parasite.htm
http://www.mvps.org/inetexplorer/Darnit.htm

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/

 

[Guest]

JavaScript has nothing to do with Java. They aren't related.

1. You might want to refresh your scripting engine:
http://msdn.microsoft.com/library/default.asp?url=/nhp/default.asp?contentid=28001169
or
http://msdn.microsoft.com/library/default.asp?url=/downloads/list/webdev.asp
Windows Script 5.6 for Windows 2000 and XP
http://www.microsoft.com/downloads/...43-7e4b-4622-86eb-95a22b832caa&DisplayLang=en

Sometimes there's a corrupt file in the cache and one must go to Tools |
Internet Options and click Delete Files.

2a. Start>Run>Regsvr32 vbscript.dll

2b. Start>Run>Regsvr32 jscript.dll

(WinXP users who have problems with 2a and 2b, see
http://www.mvps.org/inetexplorer/answers_9.htm)

3. Re-register all DLLs listed in http://support.microsoft.com/?kbid=281679

4. See also
Error Message When You Browse the Web: An Error Has Occurred in the Script
on This Page
http://support.microsoft.com/?kbid=306831
Scripting Errors When You View Web Pages in Internet Explorer after
Installing Office 2003
http://support.microsoft.com/?kbid=822521

5a. IE Tools>Internet Options>Advanced>Browsing>Enable third-party browser
extensions (uncheck & reboot).

5b. Find the hijacker that caused 5a to be checked (or if none were checked,
check for hijackware anyway):

Dealing with Hijackware
http://mvps.org/winhelp2002/unwanted.htm
http://aumha.org/a/parasite.htm
http://www.mvps.org/inetexplorer/Darnit.htm

--
Frank Saunders, MS-MVP, IE/OE
Please respond in Newsgroup only. Do not send email
http://www.fjsmjs.com
Protect your PC
http://www.microsoft.com/security/protect/

Hello Frank,

thanks for the above, I have gone through all the suggestions, except for
re-installing IE6, but unfortunately I still get the same vulnerability
warning.

Regards, Brad

 

[Eric Lawrence [MSFT]]

The local computer zone in XP SP2 doesn't have permissions to execute
script, so I'm not sure that there's a real exploit here. I suspect perhaps
the scanner needs to be updated?

--
Thanks,

Eric Lawrence
Program Manager
Internet Explorer Trust

This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Guest]

The local computer zone in XP SP2 doesn't have permissions to execute
script, so I'm not sure that there's a real exploit here. I suspect perhaps
the scanner needs to be updated?

--
Thanks,

Eric Lawrence
Program Manager
Internet Explorer Trust

I don't know what you mean by 'scanner', could use more details.

However, I may have found a solution, see this
link .

The fix calls for:

1) The vendor recommends that the "Drag and drop or copy and paste files"
option is disabled.
2) Set security level to high for the "Internet" zone.

BUT, when I set the Security level to High it always reverts to Medium.
Can anyone suggest why this happens? Am I overlooking anything?

TIA