Thread-topic: Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug
> -----Original Message-----
> From: pdp (architect) [mailto:pdp.gnucitizen@xxxxxxxxxxxxxx]
> Sent: Wednesday, April 04, 2007 11:24 PM
> To: full-disclosure@xxxxxxxxxxxxxxxxx;
> bugtraq@xxxxxxxxxxxxxxxxx; WASC Forum; webappsec @OWASP
> Subject: [WEB SECURITY] Firefox extensions go Evil - Critical
> Vulnerabilities in Firefox/Firebug
>
> http://www.gnucitizen.org/blog/firebug-goes-evil
>
> There is a critical vulnerability in Firefox/Firebug which allows
> attackers to inject code inside the browser chrome. This can lead to a
> lot of problems. Theoretically everything is possible, from modifying
> the user file system to launching processes, installing ROOTKITs, you
> name it.
>
> I recommend disabling Firebug for now until the issue is fixed. The
> issue is a bit critical since Firebug is one of the most popular
> extensions for Firefox. Given the fact that a lot of Firefox users
> are geeks, the chances of having Firebug installed in a random Firefox
> client are quite high.
>
> I wrote two POCs to demonstrate the issue. You can find them on the
> page linked at the top of this message. The first POC runs calc.exe and
> cmd.exe on Windows systems. The second POC does a countdown from 10
> to 0 and then executes calc.exe to prove that automatic execution is
> possible.
>
> --
> pdp (architect) | petko d. petkov
> http://www.gnucitizen.org
>