Comments on: IE finds JS in Images (old xss bug!) http://mituzas.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/ where ideas come and die Fri, 26 Feb 2010 17:15:26 +0000 hourly 1 http://wordpress.org/?v=3.0-alpha By: Tim is now vocal. « domas mituzas: vaporware, inc. http://mituzas.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/comment-page-1/#comment-188724 Tim is now vocal. « domas mituzas: vaporware, inc. Tue, 16 Dec 2008 10:51:49 +0000 http://dammit.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/#comment-188724 [...] him at Wikimedia. Now he has a blog, where the first entry is already epic by any standards. I mentioned the IE bug, and Tim has done thorough analysis on this one, and similar [...] [...] him at Wikimedia. Now he has a blog, where the first entry is already epic by any standards. I mentioned the IE bug, and Tim has done thorough analysis on this one, and similar [...]

]]> By: kuza55 http://mituzas.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/comment-page-1/#comment-188423 kuza55 Sat, 25 Oct 2008 08:34:37 +0000 http://dammit.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/#comment-188423 I just stumbled upon this page again, and I just had a look at the mediawiki fix you link to, and it's vulnerable. There are a bunch of other strings you need to filter (which I can't past here due to wordpress filtering) and you need to check the first 256 bytes, rather than the first 200 bytes. I just stumbled upon this page again, and I just had a look at the mediawiki fix you link to, and it’s vulnerable.

There are a bunch of other strings you need to filter (which I can’t past here due to wordpress filtering) and you need to check the first 256 bytes, rather than the first 200 bytes.

]]> By: burah http://mituzas.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/comment-page-1/#comment-176492 burah Fri, 01 Aug 2008 17:43:09 +0000 http://dammit.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/#comment-176492 The link to the fix is broken. Is another file available elsewhere? The link to the fix is broken. Is another file available elsewhere?

]]> By: mmm http://mituzas.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/comment-page-1/#comment-93591 mmm Mon, 07 Jan 2008 13:51:01 +0000 http://dammit.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/#comment-93591 With PNG files - yes, it is fixed. With other types, e.g., PDF - still exists. With PNG files – yes, it is fixed. With other types, e.g., PDF – still exists.

]]> By: brion http://mituzas.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/comment-page-1/#comment-93053 brion Sat, 05 Jan 2008 20:17:08 +0000 http://dammit.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/#comment-93053 We can only hope that other XSS bugs can also be fixed in the same 3-year-plus time window. :) We can only hope that other XSS bugs can also be fixed in the same 3-year-plus time window. :)

]]> By: kuza55 http://mituzas.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/comment-page-1/#comment-92762 kuza55 Fri, 04 Jan 2008 16:43:16 +0000 http://dammit.lt/2008/01/03/ie-finds-js-in-images-old-xss-bug/#comment-92762 IE still does auto-detection, however they have recently added a signature for PNG files (in the MS07-057 patch), so valid PNG files will never be recognised as HTML any more. Not that IE is perfect or anything, but this issue is not so much of an issue now that JPG/GIF/PNG files will never be detected as html. IE still does auto-detection, however they have recently added a signature for PNG files (in the MS07-057 patch), so valid PNG files will never be recognised as HTML any more.

Not that IE is perfect or anything, but this issue is not so much of an issue now that JPG/GIF/PNG files will never be detected as html.

]]>