Messages service for OS X contains vulnerability that leaked messages

Apr 9, 2016

The Messages service for OS X contains a vulnerability that made it possible to obtain a user's entire file and call history once the user clicked on a link. Apple distributed a patch in March to plug the leak.

The vulnerability, which has been assigned the number CVE-2016-1764, was possible because Messages uses an embedded version of the WebKit engine. In addition, the service renders any URI as a clickable HTML link, write the security researchers at Bishop Fox. Because Messages has no list of allowed protocols, an attacker could send the victim a malicious `javascript:` link, as shown in a video demonstration. As a result, a potential attacker was able to execute JavaScript code.

Because no same-origin policy applied in Messages, a malicious script could request specific files with XHR GET requests. To obtain the file and call history, it was necessary to identify the user name under which the victim was registered in OS X. On that basis, the attacker could generate the full path to the IM database. According to the researchers, however, this was not a problem, as the logged-in user could easily be retrieved from the OS X application sandbox. In this way, it was possible to send the entire file and conversation history to a chosen server.

If automatic forwarding of SMS messages was activated, the history of an iPhone could also be retrieved through this XSS attack. It was not possible, for example, to install malware this way. The researchers will make the code of the corresponding exploit available on GitHub soon, and there were no indications that the vulnerability was actually used by attackers.
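
The missing list of allowed protocols described above, shown from the defender's side as an added example (not code from the article, Apple or Bishop Fox): a message linkifier that makes only allowlisted URI schemes clickable and renders everything else as escaped text. The function names, the regular expression and the chosen scheme set are assumptions.

```javascript
// Schemes a chat client is willing to turn into links (assumed policy).
const ALLOWED_SCHEMES = new Set(["http:", "https:", "mailto:"]);

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Returns the normalized URL if it parses and its scheme is allowlisted, else null.
// The WHATWG URL parser lowercases the scheme and strips tabs/newlines, so
// "JaVaScRiPt:" and "java\tscript:" are judged the way a web engine sees them.
function safeHref(candidate) {
  let url;
  try {
    url = new URL(candidate);
  } catch {
    return null; // not a parseable absolute URL
  }
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : null;
}

// Anything shaped like "scheme:rest" is a candidate; the allowlist decides.
const URI_CANDIDATE = /\b[a-zA-Z][a-zA-Z0-9+.-]*:[^\s<>"']+/g;

// Converts a plain-text message to HTML. Only allowlisted URIs become <a> tags;
// all other text, including rejected URIs, is HTML-escaped and left inert.
function linkify(message) {
  let out = "";
  let last = 0;
  for (const m of message.matchAll(URI_CANDIDATE)) {
    out += escapeHtml(message.slice(last, m.index));
    const href = safeHref(m[0]);
    out += href
      ? `<a href="${escapeHtml(href)}" rel="noopener noreferrer">${escapeHtml(m[0])}</a>`
      : escapeHtml(m[0]);
    last = m.index + m[0].length;
  }
  return out + escapeHtml(message.slice(last));
}

// Constructed sample messages, not taken from the original report.
const SAMPLES = [
  "docs at https://example.com/x",
  "click javascript:alert(1) please",
  "local file:///etc/hosts",
];
for (const s of SAMPLES) console.log(linkify(s));
```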
