Quicktime Javascript exploit (the MySpace worm)

Discussion in 'Apple' started by Mr. Uh Clem, Dec 5, 2006.

  1. Mr. Uh Clem

    Mr. Uh Clem Guest

    After reading the limited coverage of the MySpace worm such as
    http://www.zdnetasia.com/news/security/0,39044215,61972289,00.htm,
    I'm left with some questions.

    1.) Does this affect both Windows & OS X?

    2.) Does this affect all browsers that use the Quicktime plugin?
    Are some more secure than others?

    3.) Is there a way to turn off the bloody javascript in the
    Quicktime plugin?

    4.) Does this vulnerability itself pose a threat to the exploited
    computer?


    I don't personally use MySpace, but the word does need to get
    out and I'm curious about the vulnerability itself. My gut says
    this worm is completely cross-platform, but I haven't seen much
    on the details of what is vulnerable in terms of browsers &
    operating systems.
     
    Mr. Uh Clem, Dec 5, 2006
    #1

  2. Mr. Uh Clem

    Mr. Uh Clem Guest

    But the next paragraph says: "The same happens when viewing an
    infected page with Firefox, according to a CNET News.com reader who
    had his MySpace profile compromised." (I hadn't caught that before -
    so it IS cross browser.) I've seen nothing to rule out OS X...
     
    Mr. Uh Clem, Dec 5, 2006
    #2

  3. Mr. Uh Clem

    ZnU Guest

    The exploit is using a designed feature of the QuickTime plug-in. An
    unintentional behavior might only exist on one platform, due to an
    error, but an intentional behavior is presumably going to exist across
    all platforms.

    Browsers implicitly trust scripts loaded from a domain to manipulate
    pages hosted on that domain, on the basis that if something is hosted on
    a domain, it must legitimately belong there. This assumption clearly
    breaks down with sites like MySpace that let untrusted users upload
    arbitrary content.

    No. It's basically just using JavaScript to manipulate some data on a
    web page.
     
    ZnU, Dec 5, 2006
    #3
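
Added example, not part of any post in this thread: a small model of the same-origin rule post #3 describes, showing which user-authored documents a site hosts could script one of its sensitive pages. The hostnames are constructed placeholders and the function names (`originOf`, `canScript`, `exposedPages`) are hypothetical.

```javascript
// Added example; all hostnames are constructed (.example) placeholders.

// A browser origin is the (scheme, host, port) triple. URL.origin
// lower-cases the host and drops default ports (443 for https, 80 for http).
function originOf(url) {
  return new URL(url).origin;
}

// Under the same-origin rule, a document may script another document
// only when both origins are identical.
function canScript(docUrl, targetUrl) {
  return originOf(docUrl) === originOf(targetUrl);
}

// List every user-authored document that shares an origin with a
// sensitive page, i.e. content the browser would trust like the site's own.
function exposedPages(hostedDocs, sensitivePages) {
  const findings = [];
  for (const doc of hostedDocs) {
    if (doc.author !== 'user') continue; // the site's own pages are expected
    for (const page of sensitivePages) {
      if (canScript(doc.url, page)) findings.push({ doc: doc.url, page });
    }
  }
  return findings;
}

// Constructed inventory of documents served by a hypothetical site.
const sensitivePages = ['https://social.example/account/profile-edit'];
const hostedDocs = [
  { url: 'https://social.example/static/help.html', author: 'site' },
  // Same origin despite host case and the explicit default port.
  { url: 'https://SOCIAL.example:443/users/alice/page.html', author: 'user' },
  // Different scheme, so a different origin.
  { url: 'http://social.example/users/bob/page.html', author: 'user' },
  // Separate domain for user uploads: isolated from the main site.
  { url: 'https://usercontent.example/carol/page.html', author: 'user' },
  // A subdomain is also a different origin.
  { url: 'https://users.social.example/dave/page.html', author: 'user' },
];

const findings = exposedPages(hostedDocs, sensitivePages);
console.log(findings);
```

Only the document served from the main site's own origin is reported; the copies on another scheme, a subdomain, or a separate upload domain are not.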
  4. Mr. Uh Clem

    bogdan Guest

    """Mr. Uh Clem wrote:
    """

    http://magegame.ru/?rf=626f6764616e
     
    bogdan, Dec 6, 2006
    #4
