Vigil@nce: Firefox, vulnerabilities of the password manager
December 2008 by Vigil@nce
Several vulnerabilities or weaknesses of the password manager
could be used by an attacker to obtain the password of a site.
– Gravity: 2/4
– Consequences: data reading
– Provenance: internet server
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: unique source (2/5)
– Diffusion of the vulnerable configuration: medium (2/3)
– Number of vulnerabilities in this bulletin: 14
– Creation date: 16/12/2008
IMPACTED PRODUCTS
– Mozilla Firefox
DESCRIPTION
The password manager is used to store user passwords. It has
several vulnerabilities or weaknesses.
The password is entered in a form belonging to another web site,
without displaying a warning. [grav:1/4]
The password is entered in a form with a different access path.
[grav:2/4]
The password of a second access path can overwrite the first
password. [grav:1/4]
The password is entered in a form with a different protocol,
without displaying a warning. [grav:1/4]
The user can request the password by requesting a less secured
protocol. [grav:2/4]
The password is entered in a form, even if the "autocomplete"
feature is disabled. [grav:2/4]
The password is entered in a hidden form. [grav:2/4]
The password is entered in a form with a different HTTP method,
such as "GET". [grav:1/4]
The password is entered in a form with a different HTTP method,
without displaying a warning. [grav:1/4]
Different paths can not have different passwords. [grav:1/4]
The password is entered in a form with a different access path.
[grav:1/4]
The password is entered in a form with a different attribute name.
[grav:2/4]
The password is entered in a form without user interaction.
[grav:1/4]
The password associated to an account is changed without
requesting the user. [grav:1/4]
CHARACTERISTICS
– Identifiers: VIGILANCE-VUL-8335
– Url: http://vigilance.fr/vulnerability/8335