Date: Tue, 14 Sep 2010 10:04:40 -0700
From: Lyndon Nerenberg <lyndon@...ck.com>
To: bugtraq@...urityfocus.com
Subject: [FLOCK-SA-2010-03] Flock Browser: javascript: url with a leading
 NULL byte can bypass cross origin protection (XSS)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

FLOCK-SA-2010-03

http://flock.com/security/

Title:          javascript: url with a leading NULL byte can bypass
                cross origin protection (XSS)

Impact:         High

Announced on:   2010-09-09

Affected Products:      Flock 3 versions prior to 3.0.0.4112

CVEs (cve.mitre.org):   CVE-2010-1236

Details:

A javascript: url with a leading NULL byte can bypass cross origin
protection, which has unspecified impact and remote attack vectors.

Credit to kuzzcc (for Chromium) and Lostmon Lords (for Flock).

References:     https://bugs.webkit.org/show_bug.cgi?id=35948
                http://code.google.com/p/chromium/issues/detail?id=37383


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJMj6snAAoJEPzFtDWO6ceqQ9sQAJdW6oNQqL5QglNP53pQ17Be
LnwWdsAQ8vNtUwlGvBJnlSbVELXtR1TnrJ8DQiUH+qgWqiiSUPQmoTb1O6wE4rXZ
tyLZAmCK4vjZdonJQ4Cb2vx+QT+aSd7r+14E1JESjQBE3t8iVirFeElVNS8Jui2l
/C++r3nQI0BLK6fc9eQzxHp7eBXCcu7YGw24QMA+xmkagJEI7a4Ijio36Gh7huqJ
6nwzZNYccl0aziepnTN9vC1C/z8/xEVBMjJv9K3SZ3n3Xdth2LfmC9Zl+7OP57Sb
LhZUgkTQsE4spsd7BFUfIkB3fbGH1m3X9SnmR6enDuN1bd0nxML95FZGz6jHnMhz
Kw0Gj02D/25QPe4bdwvuR5C//xxms4bd6Sku27tEaYHzfiqS3MzkAhbgiHKJtukP
5qn3EmwWGVnWUnw30+jUyKfcnsKrJ2991vYseP3dOEMNL4YDz8hPnCYPxnHUDpIz
YX9E8XNHOg5l6fnRLWTnRkeeQqMWZC+1XsMkoOe7Yj5Gx2aylK13N8flFx7Jk/vZ
lHYSGYiymFmFqjjCIGIddXbTvW3D/rEboTxwoMkUXdq9rCwUIRHA8k8zOS709tqY
lLg5+vsah2PT5WD1MJCzke3fQmr+g35Jfqppa/x9nEWhHsWBSBsZfFTCXL9lWz6w
fqrdrSEPNI2jMVBTeVeC
=/KZw
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists