
Browser Vulnerabilities – Part 2

In the last article, we saw how miscreants exploit browser architecture vulnerabilities to target unsuspecting victims. In this second installment on browser vulnerabilities, we explore other means by which browser integrity is compromised to target users.

Cross-site Scripting (XSS)
Cross-site Scripting (XSS) is a client-side code injection attack: the attacker causes a malicious script to be executed in the context of a website. The main victims of XSS vulnerabilities are dynamic websites. Whenever web pages are generated on the fly by the web server, it is the client browser that interprets the page. Unlike static websites, where there is little or no scope for an attacker to inject code, a dynamic website accepts user input, and this is what allows attackers to exploit script vulnerabilities. Neither the browser nor its script interpreter can tell the injected code apart from the site's own script. Since JavaScript is the top choice for handling client-side events, XSS mostly targets JavaScript. XSS attackers thus exploit a web application vulnerability to target users indirectly, rather than by direct means.
While newer versions of browsers are protected to a large extent from XSS, older versions are still prone to it.
XSS can be further subdivided into Stored XSS, Reflected XSS, and Document Object Model (DOM) based XSS.
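To make the point about dynamic pages concrete, here is an added example (not code from the original article) of a server-side template that echoes a user-supplied comment: first the vulnerable form, where the browser cannot distinguish the injected tags from the page's own markup, then the same template with output encoding applied. The sample input and the function names are constructed for this illustration.

```javascript
// Added example, not from the original article: a minimal "dynamic page"
// template that echoes user input, shown vulnerable and then hardened.

// Constructed sample input: a comment that contains markup. The browser
// would parse the tag as part of the page if it reaches the HTML unchanged.
const SAMPLE_INPUT = '<script>injected()</script>';

// Vulnerable rendering: user input is concatenated straight into the HTML,
// so the browser sees one undifferentiated document and runs the script.
function renderUnsafe(comment) {
  return '<p class="comment">' + comment + '</p>';
}

// Encode the five characters that can change the HTML parsing context.
function escapeHtml(str) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(str).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened rendering: same template, but the input is encoded so the
// browser displays it as literal text instead of interpreting it as script.
function renderSafe(comment) {
  return '<p class="comment">' + escapeHtml(comment) + '</p>';
}

// Simple check a code review or test suite can apply to rendered output:
// does the page contain a script tag that did not come from the template?
function containsInjectedTag(html) {
  return /<\s*script\b/i.test(html);
}

// Demonstration when run directly.
console.log('unsafe:', renderUnsafe(SAMPLE_INPUT), containsInjectedTag(renderUnsafe(SAMPLE_INPUT)));
console.log('safe:  ', renderSafe(SAMPLE_INPUT), containsInjectedTag(renderSafe(SAMPLE_INPUT)));
```

Output encoding is one defence; the newer browser protections mentioned above (and a Content Security Policy) complement it rather than replace it.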

Denial of Service (DoS) Vulnerability
Any website or web application is hosted on a server. The server is connected to the Internet backbone using high-speed connectivity. DoS attacks occur when attackers with malicious intentions make so many service requests that the server is overwhelmed and stops processing them. This results either in the server becoming noticeably slow or in it crashing altogether. While DoS usually targets web servers, it is not restricted to them; DoS can also be used to attack a mail server and other servers. As with XSS, the main culprit that inadvertently facilitates DoS is JavaScript. JavaScript permits infinite looping, and attackers take advantage of this feature to inject malicious code that breaches security.
One interesting point to note is that while DoS attacks may be initiated from a single machine, attacks from a single source can be easily blocked by firewalls and other cyber security measures. Attackers therefore use a cluster of machines to carry out the attack. Simply put, it takes an orchestrated effort to mount a successful DoS attack.

Remote Code Execution Vulnerability
In layman's terms, remote code execution is an attacker's capability to access a device and make unauthorized changes to the device's programs or code, irrespective of where the machine is geographically located. Most browsers are vulnerable to this kind of attack. Attackers typically inject and execute shellcode, which gives them an easy way to run arbitrary commands manually. Not only browsers but most languages are vulnerable to remote code execution, and coders need to take adequate cyber security measures to prevent it from happening.

Buffer Overflow Vulnerability
Modern programming languages use variables to store data that cannot be defined at the time the code is written. Arrays are a typical example of such variables. These variables are allocated a fixed-length sequence of memory slots to store the data. A buffer overflow occurs when more data is put into the memory slot than was designated for it. When this happens, miscreants can exploit the situation. This is called a buffer overflow vulnerability.
Most browsers are vulnerable to remote code execution and memory corruption.

To summarize, there are various kinds of browser vulnerabilities that cyber criminals and hackers can exploit. These vulnerabilities arise either from inherent browser code bugs or from faulty code. Browser companies constantly test for vulnerabilities and fix them with security patches as and when required. It is also essential to have competent cyber security consultants assess the code that company programmers have written. Only then can you largely protect yourself from these vulnerabilities.
