Four New Browser Vulnerabilities Surface

Four new unpatched vulnerabilities have been published for Internet Explorer and Firefox, two for each browser. The flaws were discovered by security researcher Michal Zalewski, who published them to the Full Disclosure mailing list on Monday.

The most severe of the bugs is an issue in IE that could lead to cookie stealing and/or setting, page hijacking, and memory corruption. Zalewski referred to it as the "bait and switch vulnerability."

Navigating from one page to another within a domain allows an attacker to execute malicious JavaScript code that has the permissions of the previous page. The issue was found on fully-patched versions of both IE6 and IE7.

The second most serious issue is a cross-site IFRAME hijacking flaw in Firefox. An attacker could use about:blank frames to launch keyboard snooping and content spoofing attacks on the browser.

Next is another flaw in Firefox that allows the non-consensual download or execution of files. A sequence of "blur" and "focus" operations bypasses the delay timers and confirmations on downloads, which is what makes the flaw possible.

Finally, a spoofing vulnerability in IE6 allows specially crafted websites to spoof address bar data. IE7 is not affected.


© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.