• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

Firefox Bug

I

Ice Czar

New Member
Joined
Mar 29, 2006
Messages
116 (0.02/day)
System Specs
Processor 2 x 244 Opteron
Motherboard Tyan K8W
Memory 4GB PC 2700
Video Card(s) PNY Nvidia FX3000
Storage varies
Case 4U
Power Supply PCP&C 510AG
Software Labview, 3DS Max
An exploit that appeared on Bugzilla last week is the focus of a Symantec warning.

"It does appear that triggering the vulnerability using the proof of concept results in the execution of data somewhere in anonymous memory, possibly in a portion of the heap," Symantec told customers of its DeepSight threat alert system Tuesday. "If this memory were somehow populated by an attacker with a malicious payload, this condition could likely be exploited to execute arbitrary code."
Click to expand...

Secunia has given it a low warning, however that is based on it just crashing the browser not the potential subversion mentioned by Symantec. In either event it's a malformed Javascript exploit and simply employing the noscript extension and a little judgement in who gets to run scripts on your box will likely see you through till a patch is released.

View at TechPowerUp Main Site
 
You must log in or register to reply here.
Back
Top