I can call a "QueryInterface" method of an object from a webpage in Firefox. I'm assuming that's not good, but is it exploitable?
@berendjanwever @jruderman any idea? Any suggestions what I could try to pass as an argument to see if I can do anything with this?
-
-
@berendjanwever@jruderman Looks like part of Components.interfaces is still content-exposed? -
@xlerb@berendjanwever “Components.interfaces” is now just a shim. I don’t think it can be used for QI. https://bugzilla.mozilla.org/show_bug.cgi?id=790732 … patches 4,7 -
@xlerb@berendjanwever One motivation for removing it was that web pages could enumerate some Firefox extensions https://bugzilla.mozilla.org/show_bug.cgi?id=429070 … -
@xlerb@berendjanwever If the real Components.interfaces is still available on XBL scopes, you might be able to snag it from there somehow… -
@jruderman@xlerb ...obviously. But if someone had no idea what Components.interfaces, QueryInterface, XBL scopes are, are there docs? -
@jruderman@xlerb (let's assume this person has never looked at Firefox source before, other than a few lines surrounding a vuln or two).
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.