- From: Doyle, Bill <wdoyle@mitre.org>
- Date: Sun, 24 Jun 2007 08:16:40 -0400
- To: "Rachna Dhamija" <rachna.w3c@gmail.com>
- Cc: <public-wsc-wg@w3.org>
- Message-ID: <518C60F36D5DBC489E91563736BA4B5801815446@IMCSRV5.MITRE.ORG>
Item 3 seems to be a place where the WG has some agreement. Redirection, user agent is taken to an untrusted and unintended site.

________________________________

From: public-wsc-wg-request@w3.org [mailto:public-wsc-wg-request@w3.org] On Behalf Of Rachna Dhamija
Sent: Tuesday, June 19, 2007 6:21 PM
To: Doyle, Bill
Cc: public-wsc-wg@w3.org
Subject: Re: iframe tag attack

On 6/19/07, Doyle, Bill <wdoyle@mitre.org> wrote:

> This enterprising company seems to have improved productivity.
>
> New Web Exploit at 10,000 Machines and Growing, Security Company Warns
>
> Seems to be a user agent issue, is this in or out of scope?

If we unpack the attack, this question might be easier to answer:

1) Attacker compromises a web server using malware
2) User visits a legitimate, but compromised, website that includes malicious iframe
3) iframe causes browser to be redirected to a site with malicious javascript
4) malicious javascript detects the browser type and exploits browser vulnerabilities to download code, which then downloads other code (keyloggers, proxy, etc...)

We have ruled 1 out of scope. How about the rest?

I am hoping that we can use our list of attacks (i.e., the threat trees) to come to a better understanding on what is in and out of scope.

Rachna
Received on Sunday, 24 June 2007 12:16:50 UTC