JAR: protocol vulnerability in Firefox, word processor applications reported

An unpatched vulnerability in handling of JAR: protocol handler URL’s has been reported recently.

Information is available at GNUCITIZEN Blog. Link: Web Mayhem: Firefox’s JAR Protocol Issues.

Information was publicly disclosed by Petko D Petkov (aka pdp).

The issue was originally reported in Bugzilla document #369814 by Jesse Ruderman of Mozilla community. I.e. Mozilla security group is aware of the vulnerability.

The vulnerability is due to same origin and XSS issues when opening .JAR packages. The following file formats are known attack vectors: .zip, .doc, and .odt.

The blog entry states Mozilla Firefox and unspecified widely known Google and Microsoft products as affected. OpenOffice.org Writer, StarOffice Writer, NeoOffice Writer and AbiWord support opening these file types. Microsoft Office 2007 support is provided by an add-in.

Update: This has been assigned to CVE-2007-5947.