Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - Remote DoS in Firefox 1.5.0.7 and Firefox 2 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Remote DoS in Firefox 1.5.0.7 and Firefox 2

Published: 2006-11-01
Last Updated: 2006-11-01 04:54:03 UTC
by John Bambenek (Version: 1)
0 comment(s)
There is a new advisory out that indicates there is a remote denial of service exploit in Firefox 1.5.0.7 and Firefox 2.  The original post indicated that there could be a buffer overflow and remote code execution component, but as of 10/31 this has not been verified. This exploit will occur when a specifically crafted webpage tries to create a range object with "createRange". So far it will only make the browser crash.  If new information is made available, we will post updates.

---
John Bambenek
bambenek /at/ gmail (dot) com
Keywords:
0 comment(s)
Diary Archives