BugTraq
New writeup by Amit Klein (Trusteer): "Cross-domain information leakage in Firefox 3.6.4-3.6.8, Firefox 3.5.10-3.5.11 and Firefox 4.0 Beta1" Sep 14 2010 03:48PM
Amit Klein (amit klein trusteer com)
Hi list

I would like to announce a new writeup, titled "Cross-domain
information leakage in Firefox 3.6.4-3.6.8, Firefox 3.5.10-3.5.11
and Firefox 4.0 Beta1".

The writeup is available in the following URL:

http://www.trusteer.com/sites/default/files/Cross_domain_Math_Random_lea
kage_in_FF_3.6.4-3.6.8.pdf

Abstract:
While Mozilla attempted to address the issues of cross domain
information leakage (through Math.random) in Firefox 3.6.4, Firefox
3.5.10 and Firefox 4.0 Beta-1, there is still a security
vulnerability in the way the isolation is implemented, which enables
cross domain leakage. In fact, it may make it easier to attack
Firefox in some cases, compared to previous versions.
Additionally, a concerned is raised on the entropy provided in the
seed to the Math.random PRNG, which may enable more powerful attacks.

This isolation issue was fixed in Firefox 3.6.9, 3.5.12 and 4.0 Beta2.

This issue has been assigned a CVE code CVE-2010-3171.

Thanks,
-Amit

Amit Klein, CTO, Trusteer

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus