Nailing the coffin
Microsoft just discovered a potentially dangerous bug. Heise-online has a thorough explanation of the issue.
So what's the bug? In short: IE6 and 7 handle images based on a mixture of MIME sniffing, the Content-Type header and byte-header sniffing (also known as signature sniffing). When extension, Content-Type and signature disagree, the sniffed MIME type wins. The issue arises when the sniffed type indicates HTML and the browser acts on it.
So what's the danger? Websites that naively display images uploaded by users may be vulnerable to cross-site scripting, phishing attacks or other indirect attacks. If your website doesn't check the image for consistency (which it should), you may leave it open to these "attacks".
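A server-side consistency check of the kind the paragraph calls for, added here as an example (not code from the original post or from the Heise write-up): an upload is accepted only when the file extension, the declared Content-Type and the magic bytes agree, and the first bytes carry no HTML-looking markup a sniffing browser could latch onto. The accepted formats, their signatures, the marker list and the 512-byte window are this example's assumptions.

```python
import re

# Well-known magic-byte signatures for the image formats this example accepts.
SIGNATURES = {
    "image/png": [b"\x89PNG\r\n\x1a\n"],
    "image/jpeg": [b"\xff\xd8\xff"],
    "image/gif": [b"GIF87a", b"GIF89a"],
}
EXTENSIONS = {".png": "image/png", ".jpg": "image/jpeg",
              ".jpeg": "image/jpeg", ".gif": "image/gif"}

# Tags a content-sniffing browser may treat as HTML when it finds them near
# the start of the body (assumed list; extend to taste).
HTML_MARKERS = re.compile(
    rb"<\s*(!doctype|html|script|body|head|iframe|img|meta|object|title|table|div)",
    re.IGNORECASE)

# Bytes to scan for markup: sniffers look at the first few hundred bytes, so
# 512 is a conservative assumption rather than a browser-specific constant.
SNIFF_WINDOW = 512


def detect_signature(data):
    """Return the MIME type whose magic bytes open `data`, or None."""
    for mime, sigs in SIGNATURES.items():
        if any(data.startswith(s) for s in sigs):
            return mime
    return None


def check_upload(filename, declared_type, data):
    """Return (ok, reason). Accept only when extension, declared Content-Type
    and magic bytes all name the same format and the header region is free of
    HTML markup. Re-encoding the image server-side is a stronger complement."""
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    ext_type = EXTENSIONS.get(ext)
    if ext_type is None:
        return False, "extension not allowed"
    sig_type = detect_signature(data)
    if sig_type is None:
        return False, "no recognised image signature"
    if not (ext_type == declared_type == sig_type):
        return False, "extension/content-type/signature disagree"
    if HTML_MARKERS.search(data[:SNIFF_WINDOW]):
        return False, "html markup in image header"
    return True, "ok"
```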
What's dangerous is not the fact that there's a bug but that Microsoft only intends to fix it for Internet Explorer 8, leaving a lot of people vulnerable. In all fairness, they are trying to promote IE8, but one might argue there are better ways of motivating people.
Luckily the bug isn't that easily exploited. Let's hope the crackers of the world are feeling lazy for a few years...
