Thursday, July 16, 2009

Mozilla Firefox Memory Corruption Vulnerability

Secunia Logo
Secunia security site has issued an advisory notice that Firefox has a security vulnerability. It affects Firefox 3.5 and i regarded a highly critical. Apparently, it is caused by a Javascript error when dealing with <font> tags and can lead to memory corruption and alow a malicious peron to compromise a user's system.

Solution:
Set "javascript.options.jit.content" to "false" by opening about:config.

Do not browse untrusted websites or follow untrusted links.

Provided and/or discovered by:
SBerry (Simon Berry-Byrne)

Changelog:
2009-07-15: Updated "Solution" section with temporary workaround information. Added vendor link to the "Original Advisory" section. Added US-CERT link to the "Other References" section.

Original Advisory:
SBerry:
http://milw0rm.com/exploits/9137

Mozilla:
http://blog.mozilla.com/security/2009...vascript-vulnerability-in-firefox-35/

Other References:
US-CERT VU#443060:
http://www.kb.cert.org/vuls/id/443060

Visit http://secunia.com/advisories/35798/ for more details and useful information on security threats in general.

Reblog this post [with Zemanta]

Featured Post

Black Friday Offer from Macphun. Get Luminar 2018 and bonuses for just £64! Discount code available too for extra $10 off!

For Black Friday macphun have a great offer on. Purchase Luminar 2018 (or upgrade) get a pack of free bonuses (worth $130)! If you order ...