-
Archives
- November 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- September 2007
- April 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- April 2006
- August 2005
- April 2005
- March 2005
- March 2004
-
Meta
Monthly Archives: October 2008
Advisory: BOM’ing Firefox’s Javascript Interpreter
Damage: Filter evasion, cross-site scripting Exploit: Insert Unicode byte order mark (BOM) U+FEFF into javascript statements to bypass filters. Root Cause: character absorption/swallowing Product version: Firefox 3.01 and earlier Link to Mozilla advisory: http://www.mozilla.org/security/announce/2008/mfsa2008-43.html Well admittedly this one seems to … Continue reading