Firebug XSS Mayhem
Firebug is a very powerful JavaScript debugger for Firefox … it has tons of useful features like a dynamic console, DOM tree explorer, CSS viewer/editor … [and much more].
Firebug was exploited by pdp yesterday.
The problem? A simple Cross Site Scripting vulnerability within the console.x functionality, and other places? :) Because the vulnerability occurs within "chrome" (the browser's own privileged context), an attacker could potentially compromise the browser and/or the operating system.
Some may immediately disable Firebug “completely” until a fix is released, in hopes of avoiding the risk. Yes, that will mitigate the risk significantly, but Firebug will still be exploitable. By default, Firebug is always enabled (regardless of user preference) in the local browser context. The only complete fix is to uninstall the plugin.
A fix has already been released and is available here.
What I found interesting about pdp’s finding is not so much the vulnerability in Firebug - we have seen previous vulnerabilities in Firefox plugins, including the Sage RSS reader exploits that pdp and I exploited in the past. The awesome concept here was using Mozilla code to load executable files. Very, very bad indeed! What's worse, it was trivial to find, and it took him around 30 mins to write a POC exploit.
XSS is the new buffer overflow.