A single text is all it took to unleash code-execution worm in Cisco Jabber

by
Dan Goodin
from Ars Technica - All content on (#57QPW)
cisco-jabber-800x491.jpg

Enlarge (credit: Cisco)

Until Wednesday, a single text message sent through Cisco's Jabber collaboration application was all it took to touch off a self-replicating attack that would spread malware from one Windows user to another, researchers who developed the exploit said.

The wormable attack was the result of several flaws, which Cisco patched on Wednesday, in the Chromium Embedded Framework that forms the foundation of the Jabber client. A filter that's designed to block potentially malicious content in incoming messages failed to scrutinize code that invoked a programming interface known as onanimationstart."

Jumping through hoops

But even then, the filter still blocked content that contained <style>, an HTML tag that had to be included in a malicious payload. To bypass that protection, the researchers used code that was tailored to a built-in animation component called spinner-grow. With that, the researchers were able to achieve a cross-site scripting exploit that injected a malicious payload directly into the internals of the browser built into Jabber.

Read 10 remaining paragraphs | Comments

index?i=qDl9qovALO4:i8IjMfSzzho:V_sGLiPB index?i=qDl9qovALO4:i8IjMfSzzho:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments