subject:"Cross Script vulnerabilities in AOo Extensions\?"

Re: Cross Script vulnerabilities in AOo Extensions?

2016-04-07 Thread Fernando Cassia

On 4/7/16, toki wrote: > All: > > In reading > http://arstechnica.com/security/2016/04/noscript-and-other-popular-firefox-add-ons-open-millions-to-new-attack/ > is the same type of vulnerability is possible with AOo extensions? > > jonathon "By piggybacking off the

Re: Cross Script vulnerabilities in AOo Extensions?

2016-04-07 Thread toki

On 07/04/2016 16:35, Dennis E. Hamilton wrote: > Multi-component collaborative exploit staging is possible although unnecessary. Rephrasing: For the time being, at least, one can "safely" ignore this type of exploit, because other vectors are much easier to exploit. Still, for those who are

RE: Cross Script vulnerabilities in AOo Extensions?

2016-04-07 Thread Dennis E. Hamilton

ginal Message- > From: toki [mailto:toki.kant...@gmail.com] > Sent: Thursday, April 7, 2016 03:45 > To: dev@openoffice.apache.org > Subject: Cross Script vulnerabilities in AOo Extensions? > > All: > > In reading > http://arstechnica.com/security/2016/04/noscript-and-other-

Cross Script vulnerabilities in AOo Extensions?

2016-04-07 Thread toki

All: In reading http://arstechnica.com/security/2016/04/noscript-and-other-popular-firefox-add-ons-open-millions-to-new-attack/ is the same type of vulnerability is possible with AOo extensions? jonathon signature.asc Description: OpenPGP digital signature