Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox vulnerable to XUL content


  • Please log in to reply
1 reply to this topic

#1 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:10:31 AM

Posted 01 August 2004 - 02:13 PM

Well we knew it wouldn't be long before the widely popular browser became a target for bad guys.

Mozilla Firefox allows remote sites to render XUL content that
mimics the browser's user interface.  Using Javascript, the real
interface can be turned off and replaced with fake UI components.


http://www.nd.edu/~jsmith30/xul/test/spoof.html

Click on Firefox versions 0.9.0 - 0.9.2

This will NOT harm your browser or computer.

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


BC AdBot (Login to Remove)

 


#2 HuckerJ

HuckerJ

  • Members
  • 189 posts
  • OFFLINE
  •  
  • Location:East Tennessee
  • Local time:11:31 AM

Posted 04 August 2004 - 03:02 PM

Well, they didn't fix it in 0.9.3. :thumbsup: I thought it would be since one of the four bugs fixed was "lock icon and certificates spoofable with onunload document.write".
There are 10 kinds of people. Those who understand binary notation, and those who do not.
Posted Image - It plays, it streams, it kills WiMPs!!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users