[Pkg-mozext-maintainers] Bug#559267: Bug#559267: CVE-2009-4102: RSS Feeds Cross Domain Scripting Vulnerability
Alan Woodland
alan.woodland at gmail.com
Thu Dec 3 16:14:44 UTC 2009
2009/12/3 Alan Woodland <alan.woodland at gmail.com>:
> 2009/12/3 Giuseppe Iuculano <iuculano at debian.org>:
>> Package: firefox-sage
>> Severity: grave
>> Tags: security
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>>
>> Hi,
>> the following CVE (Common Vulnerabilities & Exposures) id was
>> published for firefox-sage.
>>
>> CVE-2009-4102[0]:
>> | Sage 1.4.3 and earlier extension for Firefox performs certain
>> | operations with chrome privileges, which allows remote attackers to
>> | execute arbitrary commands and perform cross-domain scripting attacks
>> | via the description tag of an RSS feed.
>>
>> If you fix the vulnerability please also make sure to include the
>> CVE id in your changelog entry.
>>
>> For further information see:
>>
>> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4102
>> http://security-tracker.debian.org/tracker/CVE-2009-4102
>
> Hmm, I'll take a look at this this afternoon. It's possible we might
> not be hit by this one, last time there was an XSS bug I applied a
> patch that went further than upstream did.
>
Ho hum, I've so far not succeeded in finding a test case that exploits
this (safely). I thought the attached feed would break things, but
apparently not so far.
Alan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: myrss.xml
Type: text/xml
Size: 600 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozext-maintainers/attachments/20091203/0d2ca703/attachment.bin>
More information about the Pkg-mozext-maintainers
mailing list