Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Mozilla Firefox 1.0.3 Exploit

Posted by CmdrTaco on from the happens-to-every-browser dept.

An anonymous reader writes "News sources are reporting that a 'killer' new Firefox exploit has been revealed today by FrSIRT who warn that this 0day exploit/vulnerability (as yet unpatched) should be rated as critical. Summary of the exploit: If a user clicks anywhere on a specially crafted page, this code will automatically create and execute a malicious batch/exe file. Proof of concept code supplied by FrSIRT."

9 of 596 comments (clear)

  1. DOD SOURCE NOW AVAILABLE by Anonymous Coward · · Score: -1, Troll

    not! cock knockers!!!!!!

  2. The sky is falling! by Anonymous Coward · · Score: -1, Troll

    But, but but... how can this be? Firefox is soooooo secure!?

  3. Re:I'm not too worried by Anonymous Coward · · Score: -1, Troll

    Posting from Konqueror on Linux, I'm pretty confident this exploit doesn't (directly) impact me, but it leads me to ask the question: How long until the Mozilla guys can patch this?

    Why do you care if this doesn't affect you?

  4. Here we go with the Firefox Vs IE... by distantbody · · Score: 0, Troll

    Firefox has rightly earnt a strong following, but in the proud tradition of the FANBOY, some firefox nuts will probably have an adverse reaction to the news that firefox has a vulnerability, and subsequently die.

  5. Re:Yup - secure... by Gordonjcp · · Score: 0, Troll
    You may care about this, but not the user that doesn't monitor security sites or Slashdot, and just cares if s/he can browse CNN.com properly, and so on.


    Oh, don't be so bloody stupid. What about the poor car drivers who don't know that a red light at a junction means they should stop so they don't get flattened by a truck?

  6. Re:This is getting really old by Anonymous Coward · · Score: -1, Troll

    The Mozilla-"developers".

    Seriously: the AOL-employees should just concentrate on producinge spyware instead of trying to make a browser.

    IE = perfect
    Opera = good
    Mozilla/Firefox = complete and utter crap

  7. Re:Uh oh! by Donny+Smith · · Score: -1, Troll

    >To my mind that is the real test

    I don't agree?
    The real test would be number of vulns multiplied by seriousness.

    >Then compare that time to M$' response time.

    Whatever. In the meantime, I'll switch to MS IE as it has no known serious vulns and later go back to the newest Firefox.

    I think it's clear by now that both these browsers aren't particularly secure so there's no real reason to favor one instead of the other when it comes to security. Firefox has spent its credit when it comes to security.

  8. Re:Yup - secure... by cortana · · Score: 0, Troll

    If you had been more polite, I might have had some suggestions. But since you weren't, please fuck off to google.com.

  9. Re:Uh oh! by Nazadus · · Score: 0, Troll

    Puh-leeze.
    Are you telling me you expect a noob to know this?
    How is my grandmother supposed to know of this?
    Why doesn't the little red arrow (update icon) display yet?
    So, as far as I'm concerend -- it's not.
    *tick* *tock*

    --
    "Do or do not. There is no try." -- Master Yoda (Half man, half muppet)