Jul13
1:44 am (UTC-7)   |   by Ryan Flores (Advanced Threats Researcher)

An interesting scenario was presented by a Proof-of-Concept exploit that uses IE(any version) to run possible malicious Javascript codes in Firefox version 2.0.


Yes, dear readers, IE and Firefox working together! Aptly categorized as Cross Browser Scripting, this particular exploit targets vulnerable parameters passed across different browsers (in this case IE to Firefox). As of the moment, several Proof-of-Concept codes can be found in web, where safe payloads such as spawning a command prompt or saving a non-malicious text file are performed.
This does not bode well and I think it is only a matter of time when malware authors start developing actual malware codes based on this vulnerability.


To add more “bad” news, Microsoft (IE) and Mozilla (Firefox) are pointing fingers on who should fix the flaw.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Friday, July 13th, 2007 at 1:44 am and is filed under Uncategorized . Responses are closed, but you can trackback from your own site.



Comments are closed.


Computer Viruses, 25 Years Going
Phishing in two seconds


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 

 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice