Full Disclosure
mailing list archives
Re: Firefox cross-domain image theft (CESA-2008-009)
From: adrian.lamo () hushmail com
Date: Tue, 18 Nov 2008 16:39:02 -0500
Dear Petro D. Petro,
Fascinating work. I will try to understand it when Juha provides a
digest on his security team website.
-al
On Tue, 18 Nov 2008 16:26:13 -0500 Chris Evans <scarybeasts () gmail com> wrote:

Hi,

Firefox 2.0.0.18 fixes a cross-domain theft of image data. Firefox 3 is unaffected. It's another interesting case where a redirector confuses the browser about the true origin of a piece of content. If evil.org hosts a redirector, e.g. evil.org/redir, and an image is loaded via this redirector, the image will be treated as a same-domain image. In this event, the image pixel data may easily be stolen by rendering the image to a canvas and using the getImageData() JavaScript API.

Advisory: http://scary.beasts.org/security/CESA-2008-009.html
Blog post: http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html

Cheers
Chris
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
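The quoted report boils down to which URL a browser consults when it decides whether an image drawn onto a canvas taints it. The following is an added illustration, not code from the advisory, the thread, or Firefox: it models the faulty rule (judging the image by the URL the page requested, i.e. the redirector on evil.org) beside the correct rule (judging it by the URL that finally served the pixels). The victim hostname and paths are constructed.

```javascript
// Added example: models the canvas origin-clean check around a redirector.
// Constructed URLs; evil.org is the redirector host named in the report,
// victim.example is a made-up cross-domain image host.

// Origin as the same-origin policy compares it: scheme, host and port.
function originOf(url) {
  return new URL(url).origin;
}

// redirectChain: the URL the page requested, followed by the Location of
// each redirect, in order. The last entry is the URL that served the bytes.

// Faulty rule (the bug described above): the requested URL decides.
function imageOriginRequestUrl(redirectChain) {
  return originOf(redirectChain[0]);
}

// Correct rule: the URL of the final response decides.
function imageOriginFinalUrl(redirectChain) {
  return originOf(redirectChain[redirectChain.length - 1]);
}

// Drawing an image from another origin must taint the canvas so that
// getImageData() is refused. Returns true when the draw must taint.
function shouldTaint(documentUrl, redirectChain, rule) {
  return rule(redirectChain) !== originOf(documentUrl);
}

// Scenario from the report: a page on evil.org loads an image through its
// own redirector, which forwards to an image on a third-party domain.
const pageUrl = 'http://evil.org/page.html';
const viaRedirector = [
  'http://evil.org/redir?to=photo',          // what the page requested
  'http://victim.example/private/photo.png', // 302 target that served the pixels
];
const direct = ['http://evil.org/logo.png']; // same-origin image, no redirect

function demo() {
  return {
    faultyViaRedirector:  shouldTaint(pageUrl, viaRedirector, imageOriginRequestUrl), // false
    correctViaRedirector: shouldTaint(pageUrl, viaRedirector, imageOriginFinalUrl),   // true
    correctDirect:        shouldTaint(pageUrl, direct, imageOriginFinalUrl),          // false
  };
}

console.log(demo());
```

Under the faulty rule the canvas stays origin-clean after the cross-domain draw, which is the condition that let getImageData() return the pixels; the correct rule taints it and a direct same-origin image still stays clean.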