Browser Security Test from Scanit

We have released 12 new tests for the most recent vulnerabilities in
Internet Explorer, Mozilla Firefox and Opera and a completely new
browser test engine, which allows us to test for more kinds of browser
bugs. The new engine even works without JavaScript.

The Browser Security Test is available at http://bcheck.scanit.be/bcheck/

Some of the new tests work by trying to crash the browser. If your
browser crashes during the test, restart it and return to
http://bcheck.scanit.be/bcheck/. The page will show which vulnerability
crashed your browser and offer you to continue the test or view the
results.

We have added checks for the following vulnerabilities:

1. Windows animated cursor overflow (CVE-2007-003
2. Mozilla crashes with evidence of memory corruption (CVE-2007-0777)
3. Internet Explorer bait & switch race condition (CVE-2007-3091)
4. Mozilla crashes with evidence of memory corruption (CVE-2007-2867)
5. Internet Explorer createTextRange arbitrary code execution
(CVE-2006-1359)
6. Windows MDAC ADODB ActiveX control invalid length (CVE-2006-5559)
7. Adobe Flash Player video file parsing integer overflow (CVE-2007-3456)
8. XMLDOM substringData() heap overflow (CVE-2007-2223)
9. Mozilla crashes with evidence of memory corruption (rv:1.8.1.5)
(CVE-2007-3734)
10. Opera JavaScript invalid pointer arbitrary code execution
(CVE-2007-436)
11. Apple QuickTime MOV file JVTCompEncodeFrame heap overflow
(CVE-2007-2295)
12. Mozilla code execution via QuickTime Media-link files ()

...screamer

 

I guess using noscript extension is considered as cheating when testing firefox

 

Yep, no fails with FF and NoScript

 

My Firefox passed without NoScript installed so I guess I am safe. Opera and Internet Explorer passed too. I suppose SandboxIE is working...

dja2k

 

K-Meleon (rv:1.8.1.6) passes (un-sandboxed).

 

NoScript seems to really do it's job well

...screamer

 

IE7 passed all tests.

 

Opera 9.23 passed with flying colors as usual

 

Opera 9.50 Kestrel , v9562 passed without a glitch

BHH

 

I also passed everything with IE/Maxthon, but I guess it´s because we´re all fully patched. It would be interesting to see how we would score on an unpatched machine. Perhaps someone can test this, I would have done it, but I´m having problems with VMware Workstation, ever since I upgraded.