Re: [WEB SECURITY] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug

2007-04-05 Thread Daniel Veditz
pdp (architect) wrote: http://www.gnucitizen.org/blog/firebug-goes-evil There is critical vulnerability in Firefox/Firebug which allows attackers to inject code inside the browser chrome. Good find. I recommend to disable Firebug for now until the issue is fixed. Firebug 1.03 is now

Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)

2007-02-26 Thread Daniel Veditz
Michal Zalewski wrote: A quick test case that crashes while trying to follow partly user-dependent corrupted pointers near valid memory regions (can be forced to write, too): http://lcamtuf.coredump.cx/ietrap/testme.html Firefox problem is being tracked here:

Re: [Full-disclosure] Firefox: serious cookie stealing / same-domain bypass vulnerability

2007-02-15 Thread Daniel Veditz
Peter Besenbruch wrote: Ben Bucksch wrote: https://bugzilla.mozilla.org/show_bug.cgi?id=370445 Are we going to see a version 2.0.0.2 of Firefox soon? With all the Firefox bugs, we are about due. A 2.0.0.2 is in progress http://weblogs.mozillazine.org/qa/

Re: New Flaw in Firefox 2.0: DoS and possible remote code execution

2006-11-01 Thread Daniel Veditz
[EMAIL PROTECTED] wrote: When you have a NULL pointer dereference a code execution is also possible, so you can't exclude it at all. For example in this old flaw: http://securitytracker.com/alerts/2006/Apr/1016001.html In that example there was a way to influence the crash so that it was not

Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities

2006-03-07 Thread Daniel Veditz
Nick Boyce wrote: Hmmm. I didn't realise the Show Images setting got stored, and I don't think that's the best strategy from a privacy point of view. It surprised me, too. The threat model was spammers trying to verify live addresses, and in that model loading a webbug multiple times is no

Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities

2006-03-01 Thread Daniel Veditz
Daniel Veditz wrote: Renaud Lifchitz wrote: Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities We believe this to be a testing error. I responded too soon. This is indeed a problem in the current release version of Thunderbird 1.5

Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities

2006-02-28 Thread Daniel Veditz
Renaud Lifchitz wrote: Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities We believe this to be a testing error. The problem of loading remote iframe and css content was fixed prior to the release of Mozilla Thunderbird 1.0 The testcase included in the advisory contains the

Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities

2006-02-28 Thread Daniel Veditz
Daniel Veditz wrote: [a plain text message] Just got half a dozen bounces because my plain-text email supposedly contained Suspicious I-Frame.a (Malicious Mobile Code) virus. Those of you behind McAfee GroupShield barriers may not be getting the whole conversation here if people can't even use