Search plugin cross-site scripting
- April 15, 2005
- Michael Krax
- Firefox, Mozilla Suite
- Fixed in
  - Firefox 1.0.3
  - Mozilla Suite 1.7.7
If the user installs a search plugin from a malicious site, the new search plugin could silently replace an existing one by choosing the same filename and using a server path long enough to push the filename part off the edge of the confirmation dialog. To the user it would appear as if the new plugin failed to install, but searches performed using the overwritten plugin would be handled by the malicious one. If the ultimate results came from redirecting to the original site, this could remain undetected for some time. The malicious site could use this to track people's search history, or perhaps to add their own paid results at the top of what the user would assume to be a reputable search site.
New search plugins no longer overwrite existing ones. If you need to reinstall or upgrade an existing search plugin, you will have to find and manually delete the old one first.
Do not install search plugins from untrusted sources.
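The two defenses implied above (refuse an install whose filename is already taken, and keep the filename visible in the confirmation text however long the server path is) can be sketched as follows. This is an added example, not Mozilla's code: the function names, the length limits and the plugins.example URL are assumptions made for illustration.

```javascript
// Added example; helper names and limits are illustrative, not Mozilla's code.
const MAX_NAME_LEN = 64;   // assumed cap so the name always fits on one dialog line
const MAX_URL_SHOWN = 60;  // assumed width available for the source URL

// Derive the on-disk filename from the last path segment of the plugin URL.
function pluginFileName(srcUrl) {
  const url = new URL(srcUrl);
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    throw new Error("unsupported scheme: " + url.protocol);
  }
  const name = decodeURIComponent(url.pathname.split("/").pop());
  // Reject empty or over-long names and anything that could leave the plugin directory.
  if (!name || name.length > MAX_NAME_LEN || /[\/\\]|\.\./.test(name)) {
    throw new Error("invalid plugin filename");
  }
  return name;
}

// Elide the middle of a long string so both ends stay visible.
function elideMiddle(text, maxLen) {
  if (text.length <= maxLen) return text;
  const keep = maxLen - 3; // room for "..."
  const tail = Math.floor(keep / 2);
  return text.slice(0, keep - tail) + "..." + text.slice(text.length - tail);
}

// Decide whether an install may proceed and build the confirmation text.
function reviewInstall(srcUrl, installedNames) {
  const name = pluginFileName(srcUrl);
  // Case-insensitive match: some filesystems treat A.src and a.src as one file.
  const taken = new Set(installedNames.map((n) => n.toLowerCase()));
  if (taken.has(name.toLowerCase())) {
    return { allowed: false, name, reason: "exists", prompt: null };
  }
  // The filename gets its own line, so a long server path cannot hide it.
  const prompt = [
    "Install this search plugin?",
    "File: " + name,
    "From: " + elideMiddle(srcUrl, MAX_URL_SHOWN),
  ].join("\n");
  return { allowed: true, name, reason: null, prompt };
}

// Constructed sample: a 400-character path in front of an already-installed name.
const sampleUrl = "https://plugins.example/" + "a/".repeat(200) + "google.src";
console.log(reviewInstall(sampleUrl, ["google.src", "yahoo.src"]));
```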