"Yes, you can have fun with [web browser] downloads" revisited two years later

Discussion in 'other security issues & news' started by MrBrian, Sep 4, 2014.

  1. MrBrian

    MrBrian Registered Member

    Joined: Feb 24, 2008
    Posts: 6,032
    Location: USA
    From Yes, you can have fun with downloads:
    Original thread: https://www.wilderssecurity.com/threads/browser-pocs-to-test.325288/.

    Apparently this hasn't been fixed in any of the affected browsers yet.
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined: Jul 10, 2004
    Posts: 17,546
    Location: The Netherlands
    What is supposed to happen when you click on http://lcamtuf.coredump.cx/fldl/?

    I get redirected to http://get.adobe.com/nl/flashplayer/ and it looks like a download of Flash Player is presented twice? :)
     
    Last edited by a moderator: Sep 11, 2014
  3. MrBrian

    MrBrian Registered Member

    The downloads are attacker-controlled, not from Adobe.
     
  4. Rasheed187

    Rasheed187 Registered Member

    Wow, for real? This really should be fixed ASAP. :cautious:
     
  5. MrBrian

    MrBrian Registered Member

    Yes! Check its file properties.
     
  6. Rasheed187

    Rasheed187 Registered Member

    Yes, forgot to actually download the files. This is a huge bug if you ask me. :thumbd:
     
  7. I was surprised it bypassed the signing check, but the file details explain it all
     
