Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability

Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability

Some reports indicate that this issue is being exploited in the wild.

The following commercial exploit is available for Immunity CANVAS:

https://www.immunityinc.com/downloads/immpartners/firefox_35.tar.gz

A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service. This exploit is not otherwise publicly available or known to be circulating in the wild.

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

The following exploit code is available:

/data/vulnerabilities/exploits/35660.html
/data/vulnerabilities/exploits/35660.rb
/data/vulnerabilities/exploits/35660.py
/data/vulnerabilities/exploits/35660.pl
/data/vulnerabilities/exploits/35660-osx.py