[security-alerts] FW: [SA23014] Internet Explorer 7 "onunload" Event Spoofing Vulnerability

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> ----------------------------------------------------------------------
> 
> TITLE:
> Internet Explorer 7 "onunload" Event Spoofing Vulnerability
> 
> SECUNIA ADVISORY ID:
> SA23014
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/23014/
> 
> CRITICAL:
> Less critical
> 
> IMPACT:
> Spoofing
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Microsoft Internet Explorer 7.x
> http://secunia.com/product/12366/
> 
> DESCRIPTION:
> Secunia Research has discovered a vulnerability in Internet Explorer
> 7, which can be exploited by a malicious website to spoof the address
> bar.
> 
> The vulnerability is caused due to an error in Internet Explorer 7's
> handling of "onunload" events, enabling a malicious website to abort
> the loading of a new website. This can be exploited to spoof the
> address bar if e.g. the user enters a new website manually in the
> address bar, which is commonly exercised as best practice.
> 
> The vulnerability is confirmed on a fully patched Windows XP SP2
> system running Internet Explorer 7. Other versions may also be
> affected.
> 
> SOLUTION:
> Close all browser windows after visiting untrusted websites.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Originally discovered by:
> * Jakob Balle, Secunia Research
> 
> Independently discovered and publicly disclosed by:
> * Michal Zalewski
> 
> ORIGINAL ADVISORY:
> Secunia Research:
> http://secunia.com/secunia_research/2007-1/
> 
> OTHER REFERENCES:
> Michal Zalewski:
> http://lists.grok.org.uk/pipermail/full-disclosure/2007-Februa
> ry/052630.html
>