Tweet
More problems for Firefox!
http://www.internetnews.com/security...le.php/3503506 :
Apparently the immediate solution requires disabling of javascript pending a proper fix.
Nice, isn't it? So, what happens to all those fancy rollover effects?
http://www.internetnews.com/security...le.php/3503506 :
It seems Mozilla's Firefox, the undisputed darling of the alternative browser set, isn't immune after all to the slings and arrows suffered by other popular interfaces.
On Saturday the Greyhats Security Group punctured the browser's aura of invincibility after it released details of two flaws that allow a malicious site to execute arbitrary code.
The advisory explains that the successful attacks involve two elements. The first flaw fools the browser into thinking software is being installed by a "whitelisted site." The second flaw occurs when the software installation trigger does not sufficiently check icon URLs containing JavaScript code.
On Saturday the Greyhats Security Group punctured the browser's aura of invincibility after it released details of two flaws that allow a malicious site to execute arbitrary code.
The advisory explains that the successful attacks involve two elements. The first flaw fools the browser into thinking software is being installed by a "whitelisted site." The second flaw occurs when the software installation trigger does not sufficiently check icon URLs containing JavaScript code.
Two vulnerabilities have been discovered in Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
1) The problem is that "IFRAME" JavaScript URLs are not properly protected from being executed in context of another URL in the history list. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an arbitrary site.
2) Input passed to the "IconURL" parameter in "InstallTrigger.install()" is not properly verified before being used. This can be exploited to execute arbitrary JavaScript code with escalated privileges via a specially crafted JavaScript URL.
1) The problem is that "IFRAME" JavaScript URLs are not properly protected from being executed in context of another URL in the history list. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an arbitrary site.
2) Input passed to the "IconURL" parameter in "InstallTrigger.install()" is not properly verified before being used. This can be exploited to execute arbitrary JavaScript code with escalated privileges via a specially crafted JavaScript URL.
Nice, isn't it? So, what happens to all those fancy rollover effects?
Comment