Slashdot Mirror


Firefox 3.5's First Vulnerability "Self-Inflicted"

CWmike writes "Mozilla has confirmed the first security vulnerability in Firefox 3.5, saying that the bug could be used to hijack a machine running the company's newest browser. A noted Firefox contributor called the situation 'self-inflicted' and said it was likely that the hacker who posted public exploit code Monday became aware of the flaw by rooting through Bugzilla, Mozilla's bug- and change-tracking database. The vulnerability is in the TraceMonkey JavaScript engine that debuted with Firefox 3.5, said Mozilla. '[It] can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code,' Mozilla's security blog reported Tuesday."

2 of 156 comments (clear)

  1. Yeah, right by DoofusOfDeath · · Score: 5, Funny

    '[It] can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code,' Mozilla's security blog reported Tuesday."

    Oh sure, I'm definitely going to follow that link now.

  2. Re:MOD PARENT UP by the+way,+what're+you · · Score: 5, Funny

    I've got at least a dozen non-default settings I've set in about:config. What's one more?

    at least a baker's dozen?

    --
    example.org - powered by Linux!