Using custom Microsoft Agent characters it is possible to cover any kind of windows, including security or download dialogs. This is an expected feature of the Microsoft Agent control. Because custom characters are fully scriptable, can have any kind of shape and are downloaded automatically, this can be used as a flexible tool to cover and/or spoof any kind of window and lure the user to execute arbitrary code by performing one or two clicks (depending on security zone configuration and Windows version).
039b06b0507512df1ffd004234a3787a21cf7ec3fdaad643a094cb8696e17771
Mozilla Firefox versions 1.0.4 and below 'Set As Wallpaper' code execution exploit.
cf5c755d38d84ac4c3f08e88ca55a8bdd553231fbfcb823db2f7c3a759435c57
Even though Firefox 1.0.1 patched one of the key bugs behind the firescrolling exploit (the ability of plugins to load chrome files in a hidden frame) the ability to hijack a drag and drop operation and open a privileged xul file is still available.
111d602c6d49d7cf172b6d139521c1cabf83ed7201a241e1186dee257802ea76
Using plugins like Flash and the -moz-opacity filter, it is possible to display the about:config site in a hidden frame or a new window in Firefox 1.0 and Mozilla 1.7.5.
c7cedd28bcc9f676fdc00b491f4c17d87ecc083eb62153962929c8cfa0956d21
The Javascript security manager can be bypassed when a link is dropped to a tab in Firefox 1.0 and Mozilla 1.7.5.
7cec86bc934ea6cea05a1709645f91946c041eac917919abc3f8c3a2521d4edc
Firefox built-in protection against allowing dragged non-image files can be bypassed when an executable is passed with a content-type of image/gif. Tested with Firefox 1.0 and Mozilla 1.7.5.
89c610f95e5084fbbd9fffd302c959d26a3a3d494bde761f4320c56b831760b3
Using javascript, is it still possible to spoof the content of security and download dialogs by covering them with a pop up window. This flaw has gone unpatched for 3 months. Tested with Firefox 1.0, Mozilla 1.7.5 and Netscape 7.1 on Windows XP SP2.
8ee325769b4d65b9d4988a856115b8341be0f914bab83c9126520d5e84c1bf3f
A series of tests were performed to find Cross-Site Scripting (XSS) vulnerabilities. It quickly turned out that the majority of all major websites suffer from some kind of XSS flaw. This is a disclosure of 175 vulnerabilities at once.
542050829be68249f5087c7bfb911b172ced5e03a109ac853b43196bedcb2e29