New Firefox Vulnerability

Something nice to start a Friday morning...
An unpatched vulnerability was disclosed today in the Firefox browser. According to the advisory, "...the vulnerability is caused due to an error in the handling of an URL that contains the 0xAD character in its domain name. This can be exploited to cause a heap-based buffer overflow.

Successful exploitation crashes Firefox and may potentially allow code execution but requires that the user is tricked into visiting a malicious web site or open a specially crafted HTML file."

Let's hope for a quick patch!

You can check the original advisory at Security Protocols and Secunia.
Thanks, Pat, for pointing this out.

Handler on Duty: Pedro Bueno < pbueno $$ isc . sans . org >
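
A defender-side check for the condition the advisory describes, as an added example (not part of the original diary or the advisory): it scans HTML for href/src URLs whose host contains the 0xAD character. Treating the HTML-entity and percent-encoded spellings as equivalent is an assumption of this example, and the `example.test` names are constructed.

```python
import html
import re
from urllib.parse import unquote_to_bytes

# href/src values (quoted only) and the authority of an absolute URL.
ATTR_RE = re.compile(r"""(?:href|src)\s*=\s*(["'])(.*?)\1""", re.I | re.S)
AUTH_RE = re.compile(r"^[a-z][a-z0-9+.-]*://([^/?#]*)", re.I)


def host_of(url):
    """Host part of an absolute URL (userinfo and port dropped), or None."""
    m = AUTH_RE.match(url.strip())
    if not m:
        return None
    host = m.group(1).rsplit("@", 1)[-1]
    return host if host.startswith("[") else host.split(":", 1)[0]


def has_0xad(host):
    """True if the host holds 0xAD as a character or as a lone byte."""
    raw = unquote_to_bytes(host)  # resolves %AD and %C2%AD
    # surrogateescape keeps a lone 0xAD byte visible as U+DCAD, while a
    # valid sequence such as C3 AD (i-acute) decodes normally and is ignored.
    text = raw.decode("utf-8", errors="surrogateescape")
    return "\u00ad" in text or "\udcad" in text


def scan_html(doc):
    """Return the href/src values, as written, whose host contains 0xAD."""
    hits = []
    for _quote, value in ATTR_RE.findall(doc):
        host = host_of(html.unescape(value))  # resolves &shy; and &#173;
        if host and has_0xad(host):
            hits.append(value)
    return hits


# Constructed sample page; the example.test names are placeholders.
SAMPLE = (
    '<a href="http://www.example.test/a-b">plain hyphen</a>\n'
    '<a href="http://exam\u00adple.test/">raw U+00AD</a>\n'
    '<a href="http://exam&shy;ple.test/">entity</a>\n'
    '<img src="http://exam%ADple.test/x.png">\n'
    '<a href="http://exam%C2%ADple.test/">UTF-8 escape</a>\n'
    '<a href="http://m%C3%ADo.example.test/">i-acute, not 0xAD</a>\n'
    '<a href="http://www.example.test/p?q=%AD">0xAD in query only</a>\n'
)

if __name__ == "__main__":
    for value in scan_html(SAMPLE):
        print("0xAD in host:", ascii(value))
```

Only the host is inspected, matching the advisory's "in its domain name"; the same `has_0xad` check can be applied to the host field of proxy or DNS logs.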


Sep 9th 2005
