Hi malware fighters,
Put it to the test,
Title : Firefox file prompt delay bypass (MEDIUM)
Impact : non-consentual download or execution of files
Demo : http://lcamtuf.coredump.cx/ffclick2/
NoScript extension protects,
Explanation - It will download and open a HTML
page without your explicit consent, rendering it in the context of file:// URI scheme. Among
other security-related side effects, such a page will be able to access other files on your
local disk and transmit that data over the Internet. In this particular case, you will
be presented a directory index of C:\ (Windows only).
Technical notes: the demo will prompt you to hit RETURN repeatedly for reliability, but this is not a
prerequisite for exploitation - a single mouse click or keystroke is enough. Actions will be
carried at a fairly slow pace, but this is intentional, so that you get a chance to see what is
actually happening, and so that network hiccups have a lesser impact.
polonus