Closed
Bug 1287372
Opened 8 years ago
Closed 8 years ago
Clear-text credentials in browser memory
Categories
(Firefox :: Untriaged, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 298539
People
(Reporter: research, Unassigned)
Details
Attachments
(1 file)
6.90 MB,
video/mp4
|
Details |
User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36 Steps to reproduce: We would like to report something that we consider a vulnerability in your browser. We have identified that sensitive data entered in the browser remains in clear-text in memory, even after the data has been sent to the server and the tab has been closed by the user. This allows anyone who can get his/her hands on a memory dump of your browser process to harvest this data. It could be abused for sensitive data theft by e.g. malware, law enforcement, ... . Actual results: We were able to extract plaintext sensitive data from memory dumps using a Volatility plugin we wrote as a proof of concept for this vulnerability. Expected results: Going forward, we recommend to mitigate this issue by ensuring that you overwrite sensitive data from memory with zeroes as soon as possible, to prevent even free'd sensitive data from remaining available in memory. Generally, this can be done after the data has been sent to the server.
Updated•8 years ago
|
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•