Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug

> -----Original Message-----
> From: pdp (architect) [mailto:pdp.gnucitizen@xxxxxxxxxxxxxx] 
> Sent: Wednesday, April 04, 2007 11:24 PM
> To: full-disclosure@xxxxxxxxxxxxxxxxx; 
> bugtraq@xxxxxxxxxxxxxxxxx; WASC Forum; webappsec @OWASP
> Subject: [WEB SECURITY] Firefox extensions go Evil - Critical 
> Vulnerabilities in Firefox/Firebug
> http://www.gnucitizen.org/blog/firebug-goes-evil
> There is a critical vulnerability in Firefox/Firebug which allows
> attackers to inject code inside the browser chrome. This can lead to a
> lot of problems. Theoretically everything is possible, from modifying
> the user file system to launching processes, installing ROOTKITs, you
> name it.
> I recommend disabling Firebug for now until the issue is fixed. The
> issue is a bit critical since Firebug is one of the most popular
> extensions for Firefox. Given the fact that a lot of the Firefox users
> are geeks, the chances of having Firebug installed in a random Firefox
> client are quite high.
> I wrote two POCs to demonstrate the issue. You can find them on the
> page linked at the top of this message. The first POC runs calc.exe and
> cmd.exe on Windows systems. The second POC does a countdown from 10
> to 0 and executes calc.exe to prove that automatic execution is
> possible.
> -- 
> pdp (architect) | petko d. petkov
> http://www.gnucitizen.org
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
> Have a question? Search The Web Security Mailing List Archives: 
> http://www.webappsec.org/lists/websecurity/
> Subscribe via RSS: 
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]


Copyright © Lexa Software, 1996-2009.