Mozilla Firefox HTML Parser XSS Bypass Vulnerability
Date Discovered:
9/24/2008
Severity:
High
Applications Affected:
Mozilla Firefox 2.0.0.14 and prior
Type:
Remote
Identifiers:
CVE-2008-4066
Vendor:
Mozilla Foundation
Synopsis
A vulnerability has been discovered in the HTML parser of the Mozilla Firefox browser. It allows remote attackers to perform cross-site scripting (XSS) attacks against users of vulnerable versions of the application.
Mozilla Firefox is a widely used web browser. The browser is capable of processing HTML, scripting languages, and interpreting various other popular Internet specifications.
A vulnerability was recently found in its HTML parser. The parser ignored certain low surrogate characters if they were HTML-escaped. A remote attacker can use this to bypass naive script filtering and perform an XSS attack.
A remote attacker can exploit this issue by sending the victim a web page containing specially crafted script code. Once the victim visits this web page, the exploit code is executed in the victim's browser.
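The filtering gap described above can be closed on the server side by canonicalizing numeric character references before matching and by rejecting any escaped surrogate outright. The following is an added example, not code from Mozilla or from this advisory; the blocklist pattern, function names and sample strings are constructed assumptions, and the check is generalized to cover all surrogates (U+D800 to U+DFFF), not only low ones.

```python
import re

# Numeric character reference, decimal or hex; the trailing ';' is optional
# because lenient HTML parsers accept references without it.
NCR = re.compile(r"&#(?:[xX]([0-9A-Fa-f]+)|([0-9]+));?")
# Assumed blocklist standing in for the "naive script filtering" in the text.
BLOCKLIST = re.compile(r"<\s*script|javascript\s*:", re.IGNORECASE)

def _codepoint(m):
    return int(m.group(1), 16) if m.group(1) else int(m.group(2))

def is_surrogate(cp):
    return 0xD800 <= cp <= 0xDFFF

def naive_blocks(markup):
    """Blocklist applied to the raw text, with no canonicalization."""
    return BLOCKLIST.search(markup) is not None

def escaped_surrogates(markup):
    """Code points of every escaped surrogate, for logging or alerting."""
    return [cp for cp in map(_codepoint, NCR.finditer(markup)) if is_surrogate(cp)]

def canonicalize(markup):
    """Decode references as the affected parser effectively did:
    escaped surrogates vanish, other references become their character."""
    def decode(m):
        cp = _codepoint(m)
        if is_surrogate(cp):
            return ""            # the ignored character
        if cp == 0 or cp > 0x10FFFF:
            return "\ufffd"      # not a valid scalar value
        return chr(cp)
    return NCR.sub(decode, markup)

def verdict(markup):
    # An escaped surrogate has no legitimate use in markup: reject it.
    if escaped_surrogates(markup):
        return "reject: escaped surrogate"
    # Otherwise match against what the browser will actually interpret.
    if naive_blocks(canonicalize(markup)):
        return "reject: script"
    return "ok"

# Constructed sample inputs.
SAMPLE = '<a href="java&#xDC00;script:void(0)">link</a>'
BENIGN = "<p>caf&#233; &#x1F600;</p>"

if __name__ == "__main__":
    for s in (SAMPLE, BENIGN):
        print(naive_blocks(s), verdict(s), repr(canonicalize(s)))
```

Named entities such as `&colon;` are outside the scope of this sketch and need the same canonicalize-then-match treatment.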