Secunia Research has reported a vulnerability, which affects most browsers. The vulnerability can be exploited by a malicious web site to "hi-jack" a named browser window, regardless of which web site is the true "owner" of the window.

You can find a test on their website: http://secunia.com/multiple_browsers_window_injection_vulnerability_test/

My question is now: How can we protect our websites for this vulnerability? Ok, we can wait until a bugfix will be available for all browsers. Should we test every second if the opened window is from the same location as we started?

4 Comments

• Aviv Raff said Thursday, December 9, 2004 1:05:00 PM

  You can just check that the location is in the same domain, by trying to access the document in the frame. If it fails for permissions, it means that the frame location is on other domain and was probably hijacked.

• Michael said Thursday, December 9, 2004 1:34:00 PM

  Yes, but do you want to check for this every second, or only one time? And, what is if you have found that the window has been hijacked, you cannot modify the content... and the user will enter his credentials what ever.
  
  Any good idea?

• Aviv Raff said Thursday, December 9, 2004 1:46:00 PM

  I think it should be checked within a reasonable interval.
  If it was hijacked, you should alert the user, and close the popup window (after all, you do have a pointer to the window, right?).

• Michael said Thursday, December 9, 2004 3:19:00 PM

  Hmm, I will try this, but I think I cannot close the window because of access rights. Perhaps I can create a new window the same window name.