88
edits
Security/Mentorships/MWoS/2014/B2G-IPC-Audit: Difference between revisions
Security/Mentorships/MWoS/2014/B2G-IPC-Audit (view source)
Revision as of 12:49, 15 August 2014
, 15 August 2014→Scope
(→Scope) |
(→Scope) |
||
| Line 25: | Line 25: | ||
This audit is concerned with software bugs in the FirefoxOS code that allow an attacker to compromise a privileged process and escape from the sandbox. | This audit is concerned with software bugs in the FirefoxOS code that allow an attacker to compromise a privileged process and escape from the sandbox. | ||
Some great examples in other browsers/systems... | Some great examples in other browsers/systems...<br /> | ||
[https://code.google.com/p/google-security-research/issues/detail?id=12 Ian Beer's OSX launchd integer overflow heap corruption] | |||
[https://docs.google.com/document/d/1tHElG04AJR5OR2Ex-m_Jsmc8S5fAbRB3s4RmTG_PFnw/edit Pinkie Pie's Google Chrome Clipboard IPC typecasting] | [https://code.google.com/p/google-security-research/issues/detail?id=12 Ian Beer's OSX launchd integer overflow heap corruption]<br /> | ||
[https://code.google.com/p/chromium/issues/detail?id=117226 Sergey Glazunov's Google Chrome | |||
[https://docs.google.com/document/d/1tHElG04AJR5OR2Ex-m_Jsmc8S5fAbRB3s4RmTG_PFnw/edit Pinkie Pie's Google Chrome Clipboard IPC typecasting]<br /> | |||
[https://code.google.com/p/chromium/issues/detail?id=117226 Sergey Glazunov's Google Chrome iframe UXSS] | |||
=== Success Criteria === | === Success Criteria === | ||