Mozilla Firefox浏览器Javascript图象拖拉的漏洞

Mozilla Firefox 对图象拖拉处理不正确，远程攻击者可以利用这个漏洞窃取COOKIE信息。 Firefox 处理跨域图象拖拉存在问题，拖一个图象到地址栏会引起 Firefox 导航这个图象的URL，即使它是一个JavaScript URL ...

http://it.rising.com.cn/newSite/Channel ... 918528.htm

http://secunia.com/advisories/14406/

Mozilla Firefox Image Javascript URI Dragging Cross-Site Scripting

Secunia Advisory: SA14406 Print Advisory  
Release Date: 2005-03-01

Critical:
Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Unpatched

Software: Mozilla Firefox 0.x
Mozilla Firefox 1.x

Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.

Description:
Paul has reported a vulnerability in Mozilla Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks.

The vulnerability is caused due to missing URI handler validation when dragging an image with a "javascript:" URL to the address bar. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an arbitrary site by tricking a user into dragging an image to the address bar.

This is similar to vulnerability 2 in:
SA14160

The vulnerability has been reported in version 1.0 and 1.0.1. Other versions may also be affected.

Solution:
Do not drag images to the address bar.

Provided and/or discovered by:
Paul (greyhats)

Other References:
SA14160:
http://secunia.com/advisories/14160/

secunia.com的原版报告如上，整篇文章没有一个地方提到“cookie”的字眼，不知道瑞星的牛人们是从哪里发觉出cookie问题的。

secunia推荐的解决方安是“不要拖动图片到地址栏”

Rising的所谓“cookie”估计指的是“session“