Back to list
Flaw in Firefox 2.0 Final
Oct 23 2006 01:48PM
mike gmail com
This flaw reported by Mozilla http://www.mozilla.org/security/announce/2006/mfsa2006-59.html
is still unfixed in the latest Firefox 2.0 final.
This exploit works in Firefox 2.0 Final: http://lcamtuf.coredump.cx/ffoxdie.html
"Jonathan Watt and Michal Zalewski independently reported timing dependent testcases that trigger crashes at the same place during text display. We have seen no demonstration that these crashes could be reliably exploited, but they do show evidence of memory corruption so we presume they could be.
[ reply ]
Copyright 2010, SecurityFocus