Thursday, July 16, 2009

Mozilla Firefox Memory Corruption Vulnerability

Secunia Logo
Secunia security site has issued an advisory notice that Firefox has a security vulnerability. It affects Firefox 3.5 and i regarded a highly critical. Apparently, it is caused by a Javascript error when dealing with <font> tags and can lead to memory corruption and alow a malicious peron to compromise a user's system.

Solution:
Set "javascript.options.jit.content" to "false" by opening about:config.

Do not browse untrusted websites or follow untrusted links.

Provided and/or discovered by:
SBerry (Simon Berry-Byrne)

Changelog:
2009-07-15: Updated "Solution" section with temporary workaround information. Added vendor link to the "Original Advisory" section. Added US-CERT link to the "Other References" section.

Original Advisory:
SBerry:
http://milw0rm.com/exploits/9137

Mozilla:
http://blog.mozilla.com/security/2009...vascript-vulnerability-in-firefox-35/

Other References:
US-CERT VU#443060:
http://www.kb.cert.org/vuls/id/443060

Visit http://secunia.com/advisories/35798/ for more details and useful information on security threats in general.

Reblog this post [with Zemanta]

No comments:

Post a Comment

Please leave your comments. I reserve the right to delete racist, abusive, pornographic and other distasteful posts without warning.

Featured Post

DDR5 Memory: Unveiling the Next Generation of Memory Technology

Empowering Your System with Unprecedented Performance In the ever-evolving landscape of computer technology, the demand for faster, more eff...