JEdit ActiveX Control Information Disclosure vulnerability
Publish Date: July 17, 2006
Status: SRLabs.net contacted with the vendor at July 7 2006 to request security
contact for sending information about vulnerability but couldn't get any response yet
Vendor: Jaguarsoft (http://www.jaguarsoft.com)
JEdit is a ActiveX Control for IE for anti keylogger purposes. Many banks in Turkey distribute
different builds of JEdit to users for protection.
SRLabs.net discover an information disclosure vulnerabiltiy in JEdit. An attacker can get those
sensitive information on the wild
- User's Machine Name
- Logged in windows user's name
- User's MAC Address
- User's IP adrress, which is binded user machine's ethernet
- User's Gateway IP adrress, which is binded user machine's ethernet
- User's HDD serial number
Build's affected from this vulnerability:
- Garanti Bankasi / Guvenlik Kalkani
- Anadolu Finans Kurumu / Anadolu Hisari
- Is Bankasi / Guvenlik Cemberi
- Turkishbank / E-Guard
Proof-of concept code can be viewed from http://www.srlabs.net/bulten/source/Jaguar.htm