Apple's Safari 4 fixes local file theft attack
Page 1 of 1
Apple's Safari 4 fixes local file theft attack
Safari 4 was just released and among the various improvements is a range of security fixes. One of these fixes is for an XXE attack against the parsing of the XSL XML. Full technical details may be found here:
http://scary.beasts.org/security/CESA-2009-006.html
Or for the lazy, you can skip straight to the:
Demo for Safari 3 / MacOS
Demo for Safari 3 / Windows
I found it interesting that Safari 3 seemed robust against XXE attacks in general -- there are a lot of places that browsers find themselves parsing XML (XmlHttpRequest, prettifying XML mime type documents, SVG, E4X, etc.) However, the relatively obscure area of the XSL XML succumbed to an XXE attack.
(Note: awareness of XXE attacks remains low despite the issue being documented since at least 2002).
http://scary.beasts.org/security/CESA-2009-006.html
Or for the lazy, you can skip straight to the:
Demo for Safari 3 / MacOS
Demo for Safari 3 / Windows
I found it interesting that Safari 3 seemed robust against XXE attacks in general -- there are a lot of places that browsers find themselves parsing XML (XmlHttpRequest, prettifying XML mime type documents, SVG, E4X, etc.) However, the relatively obscure area of the XSL XML succumbed to an XXE attack.
(Note: awareness of XXE attacks remains low despite the issue being documented since at least 2002).
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» Apple's Safari 4 also fixes cross-domain XML theft
» Firefox fixes CSS-based cross-origin theft issue
» BaconMap 1.0 Local File Inclusion
» CMS Made Simple 1.8 Local File Inclusion
» Bonus Safari XXE (only affecting Safari 4 Beta)
» Firefox fixes CSS-based cross-origin theft issue
» BaconMap 1.0 Local File Inclusion
» CMS Made Simple 1.8 Local File Inclusion
» Bonus Safari XXE (only affecting Safari 4 Beta)
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum