It's public now:
https://code.google.com/p/chromium/issues/detail?id=497588
Interesting Points:
They did reproduce
I can reproduce this locally
They say it's DoS
seems like any renderer denial-of-service
(The browser does not crash!)
They say it's not security issue
remove security flags from
Impact:
The click to verify thing is completely broken...
Anyone can be BBB Accredited Business etc.
You can make whitehouse.gov display We love Islamic State :-)
Note:
No user interaction on the fake page.
Code:
* index.html
script
function next()
{
Impact:
It works on fully patched versions of iOS and OS X
Reference:
http://arstechnica.com/security/2015/05/safari-address-spoofing-bug-could-be-used-in-phishing-malware-attacks/
Code(JavaScript):
function f()
{
Analyst | Security Operations
Centre | Royal Bank of Canada
-Original Message-
From: Fulldisclosure [mailto:fulldisclosure-boun...@seclists.org] On Behalf Of
Zaakiy Siddiqui
Sent: 2015, February, 04 6:46 PM
To: David Leo; Joey Fowler
Cc: fulldisclos...@seclists.org; b
, all viable XSS tactics are open!
Nice find!
Has this been reported to Microsoft outside (or within) this thread?
--
Joey Fowler
Senior Security Engineer, Tumblr
On Sat, Jan 31, 2015 at 9:18 AM, David Leo <david@deusen.co.uk> wrote:
Deusen just published code and description here:
http
1.
Spartan - vulnerable (Windows 10)
http://www.deusen.co.uk/items/insider3show.3362009741042107/SpartanWin10_screenshot.png
Thanks to Zaakiy Siddiqui!
2.
<?php
sleep(2);
header("Location: http://www.dailymail.co.uk/robots.txt");
?>
Many asked for it.
3.
It's Universal XSS, as we tested:
Not only
, that is).
It looks like, through this method, all viable XSS tactics are open!
Nice find!
Has this been reported to Microsoft outside (or within) this thread?
--
Joey Fowler
Senior Security Engineer, Tumblr
On Sat, Jan 31, 2015 at 9:18 AM, David Leo david@deusen.co.uk
mailto:david
Deusen just published code and description here:
http://www.deusen.co.uk/items/insider3show.3362009741042107/
which demonstrates the serious security issue.
Summary
An Internet Explorer vulnerability is shown here:
Content of dailymail.co.uk can be changed by external domain.
How To Use
1.