Browser Vulnerabilities
In order to protect its web browser from inter-protocol exploitation, Mozilla blocked several ports that HTML forms would not normally have access to. In January 2010, the GNAA discovered that Mozilla's blocks did not cover port 6667, which left Mozilla browsers vulnerable to cross-protocol scripts. The GNAA crafted a JavaScript-based exploit in order to flood IRC channels. Although EFnet and OFTC were able to block the attacks, Freenode struggled to counteract the attacks. Goatse Security exposed the vulnerability, and one of its members, Andrew Auernheimer, aka "weev," posted information about the exploit on Encyclopedia Dramatica.
In March 2010, Goatse Security discovered an integer overflow vulnerability within the Apple Safari and posted an exploit on Encyclopedia Dramatica. They found out that a person could access a blocked port by adding 65,536 to the port number. This vulnerability was also found in Arora, iCab, OmniWeb, and Stainless. Although Apple fixed the glitch for desktop versions of Safari in March, the company left the glitch unfixed in mobile versions of the browser. Goatse Security claimed that a hacker could exploit the mobile Safari flaw in order to gain access and cause harm to the Apple iPad.
Read more about this topic: Jackson Brown