Seika wrote:
Is it possible?
Yes. Every browser has and will have remote code execution vulnerabilities when poked with the appropriate inputs. If you want details of past exploits, see the Mozilla security announcements and look at the corresponding bugs. Hooking up remote code execution to call back into Firefox code to preserve an apparently uncompromised browser is harder than just executing custom code, of course, but if you can get over the first hump you should be capable of getting over the second (although depending where the exploit lies you might have some fun ensuring all the necessary invariants for that are maintained -- compare a garbage collector bug to a type-safety bug, for instance).

That said, I still don't understand why you're asking. You already knew that remote code execution exploits run with the privileges of Firefox, so from there it shouldn't have been a big jump to making Firefox do whatever evils the attacker wanted it to do.

Jeff
