Mozilla Firefox Two Vulnerabilities

Secunia Advisory: SA15292

Code:

Release Date: 2005-05-08

[B]Description:[/B]
Two vulnerabilities have been discovered in Firefox, which can be exploited
by malicious people to conduct cross-site scripting attacks and compromise
a user's system.

 

Took them long enough to get this

 

Solution:
Disable JavaScript

Hopefully someday....no matter the browser of choice for the less knowledgeable....they all learn that scripts is an action....and there will be a reaction if it's allowed to run free

 

http://addict3d.org/index.php?page=viewarticle&type=security&ID=3919

http://greyhatsecurity.org/vulntests/ffrc.htm

A combo of a crosssite scripting attack involving iframes and the failure of the whitelisting mechanism for extensions installions allows remote excutation of code, simply by clicking any where on the page?

Looks like you can either turn off javascript, or uncheck 'allow websites to install software' to prevent the worse of the attacks. The sample poc page above, tricks the browser into thinking it is excutating code from one of the 2 default whitelisted sites.

 

Cute, it looks like they made some server side change to the UMO site, so now even the exploit doesnt work on the 2 default whitelisted sites (addons.update.mozilla.org & addons.mozilla.org)

The problems looks to be pretty small now, since an attacker has to either manage to figure out which additional site you have whitelisted for the exploit to work or trick you somehow into adding a known site into the whitelist or compromise the default whitelisted sites.