Slashdot Mirror
2 Firefox Security Flaws Lead to Exploit Potential
Marthisdil points out a News.com story which reports that "Two vulnerabilities in the popular Firefox browser have been rated "extremely critical" because exploit code is now available to take advantage of them." Security firm Secunia reported the vulnerabilities (and the "extremely critical" rating is theirs), but the News.com story points out that thus far, "no known cases have yet emerged where an attacker took advantage of the public exploit code." Update: 05/09 20:20 GMT by T : Rebron of the Mozilla Foundation sends a correction; this is really the same flaw reported yesterday. He suggests that you glance at the Mozilla security alert on this hole (as well other alerts at the Mozilla Security Center), and says "The Mozilla Foundation has made changes to our update servers that will protect users from this arbitrary code execution exploit."
Dupe or Yet Another FireFox Flaw ? Nah, easy to guess on Slashdot...
I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
Except it hasn't been exploited, its only a hole that could be exploited and will most likely be patched in a week or so.
Besides, it only works if you added sites to your whitelist other than the default Mozilla update ones.
Whoa. So you mean the number of "extremely critical" holes discovered in a program varies in accordance with the number of users of the program? I never would have guessed... Gosh, you don't think that maybe IE's code really isn't worse than other browsers' after all, do you?
You have tried to support your argument with faulty reasoning! Go directly to jail; do not pass Go, do not collect $200!
This is old, old old news. I knew about this 2 nights ago, even had the exploit code, thanks to BugTraq mailing list.