News
Contributed by: Eglė
Date: August 24, 2009
Firefox has been targeted by attackers again. This time a particular add-on, the ScribeFire extension for Firefox, has been chosen as the target. The vulnerability was reported and confirmed in version 3.4.1. It is important to know that earlier versions might also be vulnerable.

Have you ever used ScribeFire, or are you a current user of it? Undoubtedly there are many computer users, even Mozilla Firefox users, who do not know what ScribeFire is. So let me briefly explain what ScribeFire is and how it functions. ScribeFire is a full-featured blog editor that integrates with the browser and allows users to easily post to their blogs. Users can drag and drop formatted text from pages they are browsing, take notes, upload images, and post to multiple blogs. Blogging services that are compatible with ScribeFire include the well-known and widely used WordPress, LiveJournal, Windows Live Spaces, etc. In addition to hosted services, ScribeFire also supports custom blogging platforms such as Movable Type, Textpattern, Blogger, etc.

Image 1. ScribeFire application

Now for the vulnerability identified in this particular application. The first thing you need to know is the main cause of the issue: input passed through "img" tags is not correctly sanitized before being used when images are dragged into the editing window. This can be exploited to execute arbitrary script code within the "chrome:" context and to execute arbitrary commands on a user's vulnerable system. For successful exploitation, a user is required to drag an image from a malicious web page into the editing window.

You might be wondering which Firefox versions ScribeFire 3.4.1 works with. It works with Mozilla Firefox 3.0 - 3.5. Firefox can run on various versions of Windows, such as 2000/XP/2003/Vista. Some files related to Windows Server 2003 include: wadv07nt.sys, BADW2K.INF, Accessibility.dll, IEExec.exe and faxinit.exe.

Lastly, you might be curious as to whether a solution to this serious security issue exists. Fortunately, a solution is currently available. To address the vulnerability in ScribeFire version 3.4.1, users are recommended to update to version 3.4.2 or later.
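
One way to close the kind of gap described above, where "img" markup from a dropped image reaches a privileged editor unsanitized, is to rebuild the element from validated values instead of inserting what was dropped. This is an added example, not ScribeFire's code or its 3.4.2 fix; the function names and sample input are constructed, and it works on strings so that it runs under Node.js without a browser.

```javascript
// Added example: rebuild a dropped <img> from validated values instead of
// inserting the dropped markup. All names and sample input are constructed.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

function escapeAttr(value) {
  return value.replace(/[&<>"']/g, (c) =>
    ({ "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" }[c]));
}

// Pull name/value pairs out of the first <img ...> tag in the dropped markup.
// The parse does not have to be perfect: nothing it returns is copied to the
// output without the validation and escaping done in sanitizeDroppedImage().
function parseImgAttrs(markup) {
  const tag = /<img\b([^>]*)>/i.exec(markup);
  if (!tag) return null;
  const attrs = new Map();
  const re = /([^\s"'=<>\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  for (const m of tag[1].matchAll(re)) {
    const name = m[1].toLowerCase();
    if (!attrs.has(name)) attrs.set(name, m[2] ?? m[3] ?? m[4] ?? ""); // first wins
  }
  return attrs;
}

// Returns safe <img> markup, or null if the drop should be refused.
function sanitizeDroppedImage(markup) {
  const attrs = parseImgAttrs(markup);
  if (!attrs || !attrs.has("src")) return null;
  let url;
  try { url = new URL(attrs.get("src").trim()); } catch { return null; }
  if (!ALLOWED_SCHEMES.has(url.protocol)) return null; // no chrome:, data:, ...
  const out = [`src="${escapeAttr(url.href)}"`];       // normalized, not raw
  for (const name of ["alt", "width", "height"]) {     // attribute allowlist
    if (!attrs.has(name)) continue;
    const v = attrs.get(name);
    if (name !== "alt" && !/^\d{1,4}$/.test(v)) continue; // numeric sizes only
    out.push(`${name}="${escapeAttr(v)}"`);
  }
  return `<img ${out.join(" ")}>`;
}

// Constructed sample: the event-handler attribute is not on the allowlist.
const dropped = '<img src="http://example.test/cat.png" alt="cat" onerror="doSomething()" width="200">';
console.log(sanitizeDroppedImage(dropped));
```

Because the output is assembled only from allowlisted attribute names and escaped values, anything the parser misreads is dropped rather than passed through.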

What would you think and say if I told you that Mozilla Firefox has been hit by malicious users again? You might say I'm making things up or all of this is only vicious rumors, even after the long line of 
