Hi users of the NoScript extension and forum friends,
After a serious hole was patched in Firefox 3.5.1, yet another serious hole has been found within a week's time, one that apparently still exists in 3.5.1. The "Unicode Data Remote Stack buffer overflow" was reported July 15th, see the POC here: http://downloads.securityfocus.com/vuln ... 35707.html
According to the Internet Storm Center, Fx 3.5.1 is (still) also vulnerable. The exploit is a remote stack-based buffer-overflow vulnerability that can make the browser crash or enable remote code execution, so successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed attempts will likely result in denial-of-service conditions. Is NoScript again protecting us against this one?
luntrus
Another critical hole within the week - does NS protect?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/531.0 (KHTML, like Gecko) Iron/3.0.189.0 Safari/531.0
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: Another critical hole within the week - does NS protect?
Yes it does, as long as you don't whitelist the malicious code as trusted.
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.1 (.NET CLR 3.5.30729)
Re: Another critical hole within the week - does NS protect?
Hi Giorgio Maone,
I really did not expect another answer. This again demonstrates that NoScript is an extension that protects users against old and new exploits, and even against vulnerabilities that still have to be dreamt up and lie somewhere in the near and distant future. I as a user of this extension - and I think a lot of users here agree - consider NS a revolutionary security concept, so much so that I fear to use any browser that has not got this extension on board,
luntrus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/531.0 (KHTML, like Gecko) Iron/3.0.189.0 Safari/531.0
Re: Another critical hole within the week - does NS protect?
2nd-hole-found-in-Firefox-35-unicode-Remote-buff-Overflow - Mozilla Firefox 3.5 Unicode Data Remote Stack Buffer Overflow Vulnerability
Oh, & for whatever reason, I'm not able to make the "code" from the link you posted act like "html".
When I save, then try to load it, it loads as if it were text?
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.1pre) Gecko/20090716 SeaMonkey/2.0b1pre
-
- Ambassador
- Posts: 1586
- Joined: Fri Mar 20, 2009 4:47 am
- Location: Colorado, USA
Re: Another critical hole within the week - does NS protect?
Mozilla has determined the problem isn't exploitable. The authorities have been notified so they can update their advisories to something less alarming.
http://blog.mozilla.com/security/2009/0 ... 2009-2479/
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.1) Gecko/20090715 Firefox/3.5.1
Re: Another critical hole within the week - does NS protect?
Perhaps not "exploitable", but if it results in a type of "DoS", or a crash, then in that respect ..."
So it's not an exploit. But the end result to the end user, while perhaps not as severe as an exploit, is still unwanted. (Though I'm sure "exploits" like this are far more common than one might imagine.)
(I suppose Session Restore helps to mitigate things. But then that also kind of relies on having NoScript installed & blocking the site hosting the exploit at the time of the restore.)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.1pre) Gecko/20090716 SeaMonkey/2.0b1pre
Re: Another critical hole within the week - does NS protect?
Here is the Bug 504342 - Investigate milw0rm 9158 "unicode stack overflow".
Here's another (though fixed in current versions of Mozilla), Memory-hogging bug offers universal browser crash exploit. This exploit/dos/crasher/hole/... they say has existed 9 years now. (Though I'm sure "exploits" like this are far more common than one might imagine.)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.22) Gecko/20090605 SeaMonkey/1.1.17