Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Malicious Mozilla/Firefox/Thunderbird/Etc Extension
From: Todd Haverkos <infosec () haverkos com>
Date: Mon, 14 Jul 2008 17:31:47 -0500

"Andrei Hanganu" <handrei () gmail com> writes:

I have recently started work on a xpcom component for Firefox,
astonished i was by the fact that in an XPI archive file one can
include binary libraries (dll/so files) that get auto loaded in
firefox via a precise function prototype. The problem is that the code
in that component is allowed to do anything the user that runs firefox
has credentials to do.
Wham i am curious is if there have ever been reported malicious
mozilla extensions, and if besides the signing of the addon is there
any other way to protect from such addons.

I vaguely recall this in March:


and, more recently, there was a big deal made of issues with teh
updgrade mechanism:


I'm sure there are better links for these issues but these are what
came up in my traditional 20 seconds of search term creation.  :-) 

Todd Haverkos, LPT MsCompE

This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]