lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4BCF8608.6080804@security-assessment.com>
Date: Thu, 22 Apr 2010 11:11:04 +1200
From: Roberto Suggi Liverani <roberto.suggi@...urity-assessment.com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Security-Assessment.com WhitePaper/Addendum:
 Cross Context Scripting with Firefox & Exploiting Cross Context Scripting
 vulnerabilities in Firefox


   (    , )     (,
  .   `.' ) ('.    ',
   ). , ('.   ( ) (
  (_,) .`), ) _ _,
 /  _____/  / _  \    ____  ____   _____  
 \____  \==/ /_\  \ _/ ___\/  _ \ /     \ 
 /       \/   |    \\  \__(  <_> )  Y Y  \
/______  /\___|__  / \___  >____/|__|_|  /
        \/         \/.-.    \/         \/:wq 
                    (x.0)
                  '=.|w|.='
                  _='`"``=.

		presents..

Hi there,

For the last year, we have been focusing on 
Firefox Extension security and we have now
released a research paper and an addendum
on the topic of Cross Context Scripting (XCS).

The research paper "Cross Context Scripting 
with Firefox" demonstrates different ways of 
attacking Firefox extensions via Cross 
Context Scripting (XCS) vulnerabilities. 
Several XCS cases are detailed, including 
vulnerable extension code and exploit.

Cross Context Scripting with Firefox - Roberto Suggi Liverani
Link: http://www.security-assessment.com/files/whitepapers/Cross_Context_Scripting_with_Firefox.pdf

The addendum "Exploiting Cross Context 
Scripting vulnerabilities in Firefox" 
includes a number of exploits tailored 
for Cross Context Scripting vulnerabilities.

Exploiting Cross Context Scripting vulnerabilities in Firefox - Nick Freeman, Roberto Suggi Liverani
Link: http://www.security-assessment.com/files/whitepapers/Exploiting_Cross_Context_Scripting_vulnerabilities_in_Firefox.pdf


+--------+
|Abstract|
+--------+

Cross Context Scripting (XCS) is a term coined 
for a browser based content injection in the 
Firefox chrome zone. This term was originally 
used by researcher Petro D. Petkov (pdp), when 
David Kierznowski found a vulnerability in the 
Sage RSS Reader Firefox extension .
XCS injection occurs between different 
security zones, an untrusted and a trusted 
zone. 

This paper details several XCS cases. XCS 
attacks may be possible due to a lack of 
input filtering controls for example. 
However, other components may be vulnerable as 
well, including wrappers, XPCOM components, XUL 
overlays, the browser sandbox and DOM events.

This paper can be seen as complimentary to the 
presentations given at EUSecWest 2009 , DEFCON 17
and SecurityByte & OWASP AppSec Asia 2009  
security conferences.

+----------------+
|Acknowledgements|
+----------------+

Special thanks go to Paul Craig, kuza55 and
Stefano Di Paola for their invaluable feedback.


+-----------------------------+
|About Security-Assessment.com|
+-----------------------------+

Security-Assessment.com is a New Zealand based world
leader in web application testing, network security
and penetration testing. Security-Assessment.com
services organisations across New Zealand, Australia,
Asia Pacific, the United States and the United
Kingdom.

-- 
Roberto Suggi Liverani
Senior Security Consultant
Mob. +64 21 928 780
www.security-assessment.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ