In this text we describe CVE-2018-0296 error concerning Cisco ASA devices, publicized 6th of June by Cisco. Officially, vulnerability was classified as Denial Of Service, although our report concerned a different type of error. More details below. A word of introduction:Cisco ASA device (Adaptive Security Appliance) is very popular and is often a part of …
Tag: Bypass
Bypassing the Same-origin policy in Firefox – detailed description (CVE-2015-7188)
In the third quarter of last year, I reported a security bug to Mozilla that allowed me to bypass Same Origin Policy (SOP) in Firefox. Due to this bug, it was possible to launch attacks by stealing data belonging to other domains. The source of the problem was a seemingly insignificant detail when parsing IP …