New Firefox Vulnerability

Published: 2005-09-09
Last Updated: 2005-09-09 21:55:40 UTC
by Pedro Bueno (Version: 6)
0 comment(s)

Something nice to start a friday morning...
An unpachted vulnerability was disclosed today in Firefox browser. According the advisory, "...the vulnerability is caused due to an error in the handling of an URL that contains the 0xAD character in its domain name. This can be exploited to cause a heap-based buffer overflow.

Successful exploitation crashes Firefox and may potentially allow code execution but requires that the user is tricked into visiting a malicious web site or open a specially crafted HTML file."

Lets hope for a quick patch!
You can check the original advisory at Security Protocols and Secunia

Update:

According to FrSIRT a possible solution is:
 Disable IDN support by entering "about:config" in the  location bar, and then setting "network.enableIDN" to "false"."

Thanks Pat for pointing this out.

Update 2:
Thanks to Juha-Matti (again) :), new info from the mozilla website:

"Now Mozilla Foundation has published a security advisory entitled "What Mozilla users should know about the IDN buffer overflow security issue", which includes detailed instructions and the following information:

"The first method is to install a small download and the second method is to manually change the browser configuration."

They say that this small download (.xpi package, maybe similar than http://www.mozilla.org/security/shell.html last year) is coming soon."

-------------------------------------------------------------------
Handler on Duty: Pedro Bueno < pbueno $$ isc . sans . org >

Keywords:
0 comment(s)
Diary Archives