News

Another Critical Firefox Vulnerability Emerges

19 Lug/09

firefoxIt has been only a few days ago that the Mozilla Firefox team released an update for Firefox 3.5 to Firefox 3.5.1 that would close a recently disclosed critical security vulnerability that allowed attackers to execute arbitrary code on the attacked computer system. Earlier today another Firefox vulnerability was disclosed to the public that affects the latest version of Firefox. The vulnerability can be remotely exploited and uses an stack based buffer overflow that is triggered by an overly long string of Unicode data. It can lead to remote code execution or to crashes, freezes or the allocation of a lot of computer memory.

A proof of concept has already been created that demonstrates the vulnerability. No patch has been made available yet. Firefox users are encouraged to disable JavaScript until a patch is issued to avoid leaving their computer system vulnerable for the attack.

Users working with security add-ons like NoScript might consider their Firefox installation safe without disabling JavaScript. It is however theoretically possible to compromise websites that are in the whitelist of the add-on (if the whitelist is used) which would make the system vulnerable to this kind of attack.

javascript

JavaScript can be disabled in the Firefox options in the content tab.

Tags: , , , , ,

Related posts

Continua a leggere – Original Link: Another Critical Firefox Vulnerability Emerges

Technorati Tags: , , , , , ,

Realizzazione Sito Gestionale Immobiliare

Leggi Anche

Condividi
Condividi in DeliciousCondividi in DiggCondividi in RedditCondividi in StumbleCondividi in MixxCondividi in TecnoratiCondividi in Ok Notizie

Commenti

I commenti sono disabilitati per questo articolo.

I commenti sono chiusi.

Autore

    Spina Rosario
    Inserito da

Archivio

Iscrizione Newsletter

    Tieniti informato con tutte le novità del mondo informatico con la nostra newsletter
    Email:

    Nome:

    Auto Shop Italia
    Web Burning Blog
    Info Privacy

Meta