A vulnerability in multiple browsers allowed you to replace the URL in the address bar

by sigismund » 2016-08-17 17:59:14


Some vendors are still working on a security patch.


Pakistani security expert Rafay Baloch discovered vulnerabilities in Chrome, Firefox and other browsers that allow the URL in the address bar to be replaced. The problem, particularly as it affects Chrome for Android, is related to the processing of text in Hebrew and Arabic, which is written, as you know, from right to left.

If the attacker uses a URL that starts with an IP address and contains Arabic letters, the host and the path are swapped. For example, the URL 127.0.0.1/ا/__tp://example.com turns into __tp://example.com/ا/127.0.0.1 because it contains the Arabic letter "ا" (Aleph). The method works with any other Arabic character.

As the expert explained, for the attack to succeed, the part of the URL with the IP address can easily be hidden, especially in mobile browsers (if a long URL is chosen, for example google.com/fakepath/fakepath/fakepath/... /127.0.0.1).

A similar vulnerability (CVE-2016-5267) was previously discovered in Firefox. However, in the case of the Mozilla browser, the URL does not need to begin with an IP address; only Arabic characters are needed. For example, __tp://عربي.امارات/google.com/test/test/test becomes google.com/test/test/test/عربي.امارات.

Google learned about the vulnerability a year ago. In May of this year Baloch informed the company about the same problem in Chrome for Android, and in late June it was fixed. Mozilla fixed the vulnerability on August 2. According to researchers, the problem affects other browsers, including desktop ones. Unlike Google and Mozilla, the unnamed vendors are still working on an update.
sigismund
moderators
Posts: 788
Deposit: 0 BTC

Rating: 5
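
A defensive check for the two URL shapes described in the post, as an added example that is not part of the original post: it flags an IP-address host followed by right-to-left characters, and a right-to-left host followed by left-to-right path text. The function names, finding labels and sample URLs are constructed for illustration, and the heuristic is an assumption about what a URL filter might look for, not any browser's actual fix.

```python
import ipaddress
import re
import unicodedata
from urllib.parse import urlsplit

SCHEME = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://")

def bidi_classes(text):
    """Set of Unicode bidirectional classes present in text."""
    return {unicodedata.bidirectional(ch) for ch in text}

def has_rtl(text):
    # "R" (e.g. Hebrew) and "AL" (Arabic letter) are the strong right-to-left classes.
    return bool(bidi_classes(text) & {"R", "AL"})

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def display_host(host):
    # Address bars show IDNs decoded, so inspect the Unicode form of xn-- labels.
    try:
        return host.encode("ascii").decode("idna")
    except (UnicodeError, ValueError):
        return host  # already Unicode, or not decodable: analyse as given

def bidi_spoof_findings(url):
    """Return labels for the mixed-direction patterns described in the post."""
    parts = urlsplit(url if SCHEME.match(url) else "//" + url)
    host = display_host(parts.hostname or "")
    rest = parts.path + "?" + parts.query + "#" + parts.fragment
    findings = []
    if is_ip(host) and has_rtl(rest):
        findings.append("ip-host-with-rtl-path")
    if has_rtl(host) and "L" in bidi_classes(rest):
        findings.append("rtl-host-with-ltr-path")
    return findings

# Constructed samples modelled on the URLs quoted in the post (Arabic as escapes).
ARABIC_HOST = "\u0639\u0631\u0628\u064a.\u0627\u0645\u0627\u0631\u0627\u062a"
SAMPLES = ["127.0.0.1/\u0627/http://example.com",
           "http://" + ARABIC_HOST + "/google.com/test/test/test",
           "https://example.com/docs/index.html"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(bidi_spoof_findings(s) or ["clean"], ascii(s))
```

A legitimate Arabic-script site with Latin path segments also matches the second rule, so the findings are best treated as a signal for review or for showing the URL in an unambiguous form rather than as a block list.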