Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: New Firefox Vulnerability SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Firefox Vulnerability

Something nice to start a friday morning...
An unpachted vulnerability was disclosed today in Firefox browser. According the advisory, "...the vulnerability is caused due to an error in the handling of an URL that contains the 0xAD character in its domain name. This can be exploited to cause a heap-based buffer overflow.

Successful exploitation crashes Firefox and may potentially allow code execution but requires that the user is tricked into visiting a malicious web site or open a specially crafted HTML file."

Lets hope for a quick patch!

You can check the original advisory at Security Protocols and Secunia
Thanks Pat for pointing this out.


-------------------------------------------------------------------
Handler on Duty: Pedro Bueno < pbueno $$ isc . sans . org >

Pedro

155 Posts
ISC Handler
Sep 9th 2005

Sign Up for Free or Log In to start participating in the conversation!