
SANS ISC: Firefox new exploit - SANS Internet Storm Center SANS ISC InfoSec Forums


Firefox new exploit

This is one of the strangest bugs being discussed in Firefox that I've ever followed.

For Firefox we usually get an open and direct response. Yet this feels relatively unconfirmed and in the shade. So what's up here?

Feel free to contact us. Please, no links to media rehashing the same all over; we're looking for first-hand sources confirming or denying.

Anyway, for those in doubt or fear: you could install and use NoScript: that should remove the threat of that exploit completely.

--
Swa Frantzen -- Section 66

Swa

760 Posts
How about the Mozilla blog?
http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/
Anonymous
@drew: Thanks! That hit the spot and I updated the entry completely.
Swa

760 Posts
No problem! I actually received an alert from WatchGuard before it even hit SANS. :)
Anonymous
Note, Heisse and others are incorrectly reporting this as a 0-day. I haven't been able to find any references to active exploits (although code exists). Not a true 0-day unless the vulnerability is discovered as the result of a compromise (i.e., you got hacked via a previously undisclosed vuln).
Anonymous
@Halibut, it all depends on the definition of 0-day you use.
Swa

760 Posts
It's in MSF trunk and has been for a couple of days, people.
Anonymous
The sample I provided to the handlers used the milw0rm code, and it was provided before MSF released the module for the exploit. I've also not seen it used in any other malware sites or kits yet. I'm sure this will change (or has). @cyberpix, we realise it's in the trunk; we're simply notifying people that it's being actively exploited.
Anonymous
After I followed some of the links given in one of yesterday's posts, I was able to access many JavaScript files exploiting FF 3.5 ... So, be careful, exploits are really in the wild and ready to compromise!
Jean

5 Posts
