Firefox, 2.x & 3.x, Code Execution Vulnerability

myITforum.com Community Forum

Home Forums Blogs Live Support chat Search Articles Wiki FAQ Email Lists Register Login My Profile Inbox Address Book My Subscription My Forums

Photo Gallery Member List Search Calendars FAQ Ticket List Log Out

All Forums RSS Feed Subscription:

Firefox, 2.x & 3.x, Code Execution Vulnerability

View related threads: (in this forum | in all forums)

Logged in as: Guest

Printable Version

All Forums >> [Security, AntiVirus, and Patching] >> Breaking Virus & Security News >> Firefox, 2.x & 3.x, Code Execution Vulnerability

Page: [1]

Message

<< Older Topic Newer Topic >>

Firefox, 2.x & 3.x, Code Execution Vulnerability - 6/19/2008 11:20:13 AM

awenlock

Posts: 334
Score: 175
Joined: 3/8/2005
Status: offline

Details have been emerging over the last day or so regarding a new, 0-Day, vulnerability that has been found in Firefox. Although a lot of press has highlighted that this affects the new 3.0 version that came out on Tuesday its important to note that this also affects the older 2.x versions too.

Quote:
A vulnerability has been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code e.g. when a user visits a specially crafted web page. The vulnerability is reported in versions 3.0 and 2.0.x. Other versions may also be affected.

At the moment there is no fix for this but word is that Mozilla are currently working on this issue and whilst they work on this fix there are no exact details of the vulnerability being published.

Links:

Secunia: http://secunia.com/advisories/30761/
FrSIRT: http://www.frsirt.com/english/advisories/2008/1873
TheRegister: http://www.theregister.co.uk/2008/06/19/firefox3_bugs/

Regards
Alan