It’s been an interesting couple of days for Firefox users. First Mozilla released version 16
of the popular browser on Wednesday, then quickly pulled it back
yesterday after a serious security vulnerability was found in the new
version. Less than 12 hours later, Mozilla had repaired the problem and re-released the updated browser, but not before exploit code was released.
The
attack exploits an issue where Firefox was exposing URL information
across Web domains by not restricting Javascript’s location method.
Mozilla director of security assurance Michael Coates said the
vulnerability could allow a malicious website to determine which
websites a user had surfed to and would leak URL information.
Eight lines of exploit code then appeared on a UK Javascript blog.
The author discovered a problem where an undefined value was converted
to a string inside a native function, a condition that could be abused,
the author surmised. The author decided to test his short Javascript
proof-of-concept on Twitter to determine if he could identify the user’s
Twitter handle.
Imperva, meanwhile, explained how the exploit would be carried out.
A user would have to land on the attacker’s site. The attacker would
then open a new browser window in Twitter; if the victim is signed in,
they would be redirected to a URL that contains a personal Twitter ID.
The attacker would then be able to query the new window and grab the
victim’s Twitter ID, Imperva said.
Coates’ initial post on the Firefox blog indicated Mozilla had no indication the vulnerability was being exploited in the wild.
Courtesy by Michael Mimoso
No comments:
Post a Comment