lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 5 Dec 2012 21:21:44 +0100
From: Roberto Suggi Liverani <>
Subject: Multiple critical vulnerabilities in Maxthon and
	Avant browsers


Below you can find a short summary of discovered vulnerabilities in Maxthon
and Avant browsers.
Such vulnerabilities were demonstrated during HITBAMS2012 security
conference and more recently at HackPra.

Affected Products

- Maxthon (
- Avant Browser (

Security advisories

- [advisory] Maxthon multiple vulnerabilities:
- [advisory] Avant multiple vulnerabilities:

Individual security advisories, exploit modules and video links can be
found below.

[1] Maxthon - Cross Context Scripting - about: history - Remote Code

[metasploit module]

[2] Maxthon - Cross Context Scripting (XCS) - RSS - Remote Code Execution

[metasploit module]

[3] Maxthon - Privileged APIs on


[4] Maxthon - Cross Context Scripting (XCS) - Bookmark Toolbar and Bookmark
Sidebar - Code Execution


[5] Maxthon - Incorrect Executable File Handling and Same Origin Policy


[6] Avant Browser - Same of Origin Policy Bypass - browser:home

[BeEF module]

[7] Avant Browser - Stored Cross Site Scripting - Feed Reader


[8] Avant Browser - Cross Context Scripting - browser:home - Most Visited
And History Tabs



[presentation] HITBAMS2012 - Window Shopping: Browser Bugs Hunting in 2012
[presentation] HackPra - Cross Context Scripting attacks & exploitation -

Any further material, comments or updates will be communicated over
Twitter, at

Roberto Suggi Liverani

Content of type "text/html" skipped

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

Powered by blists - more mailing lists