
Fuzzing Tool Discovers Over 100 Vulnerabilities in Popular Browsers!

The public release of cross_fuzz - a cross-document DOM binding fuzzer that is able to find vulnerabilities in all browsers by examining how they interact with various elements while they render web pages - by the Google-employed security researcher Michal Zalewski has unveiled some worrying information.

First, that some of the over 100 vulnerabilities found in browsers such as Internet Explorer, Firefox, Opera, and WebKit-powered Chrome and Safari are still currently unpatched. Second, that at least one of the IE vulnerabilities discovered may be known to third parties apparently located in China.

Stating that this was the main reason for making the fuzzing tool and that information public, he explained how he came to that conclusion.

"While working on addressing cross_fuzz crashes in WebKit prior to this announcement, one of the developers accidentally leaked the address of the fuzzer in one of the uploaded crash traces. As a result, the fuzzer directory, including msie_crash.txt [the text file containing details of the vulnerability], has been indexed by GoogleBot," he wrote.

Prior to that accident no one else had access to the tool, but on December 30, he registered search queries from an IP address in China using the names of two functions unique to this vulnerability as keywords - functions that at that time were not mentioned anywhere else on the Internet.

"Crucially, the person had no apparent knowledge of cross_fuzz itself, poked around the directory for a while, and downloaded all the accessible files; suggesting this not being an agent of one of the notified vendors, but also being a security-minded visitor," he said, speculating that it is likely this visitor has discovered the same vulnerability by other means, and was searching the Internet for information about it.

The second reason for making the tool available to the public is the wish of getting feedback and help from other developers and security researchers in order to perfect the tool and resolve some issues they've been having when running it.

Needless to say, Microsoft is not happy that the tool has been released - in fact, according to Zalewski, they tried to make him postpone its release indefinitely. "Since they have not provided a compelling explanation as to why these issues could not have been investigated earlier, I refused," he wrote.

Source : Google