New Firefox Vulnerability Revealed

← Back to Stories (view on slashdot.org)

New Firefox Vulnerability Revealed

Posted by Soulskill on Sunday July 19, 2009 @05:15AM from the whack-a-fox dept.

Not long after Firefox 3.5.1 was released to address a security issue, a new exploit has been found and a proof of concept has been posted. "The vulnerability is a remote stack-based buffer-overflow, triggered by sending an overly long string of Unicode data to the document.write method. If exploited, the resulting overflow could lead to code execution, or if the exploit attempts fail, a denial-of-service scenario." It's recommended that Firefox users disable Javascript until the issue is patched, though add-ons like NoScript should do the trick as well (unless a site on your whitelist becomes compromised).

Update: 07/20 00:09 GMT by KD : An anonymous reader informs us that the Mozilla security blog is indicating that this vulnerability is not exploitable; denial of service is as bad as it gets.

19 of 250 comments (clear)

Unbounded by Mikkeles · 2009-07-19 05:19 · Score: 5, Funny

So who's the moron using unbounded buffers?

--
Great minds think alike; fools seldom differ.
1. Re:Unbounded by EsbenMoseHansen · 2009-07-19 06:59 · Score: 5, Funny
  
  What are six words you never, ever want to hear?
  "I have a headache tonight, dear"
  
  --
  Religion is regarded by the common people as true, by the wise as false, and by rulers as useful.
2. Re:Unbounded by Torodung · 2009-07-19 07:04 · Score: 4, Funny
  
  I am shocked, shocked, to find unbounded buffer use in this open-source application.
  --
  Toro
3. Re:Unbounded by Torodung · 2009-07-19 07:34 · Score: 3, Funny
  
  Again? That was my first reply, and it's a joke referencing Casablanca. I can format it the other way, if you like:
  
  I am shocked, shocked, to find half-baked misinformation on this Slashdot web-forum.
  Your reply is a meme syntax error: Response Out Of Range: !Sense of Humor ;^)
  --
  Toro
4. Re:Unbounded by Anonymous Coward · 2009-07-19 08:27 · Score: 1, Funny
  
  "I'm gonna fuck you anyway, bitch."
5. Re:Unbounded by FatdogHaiku · 2009-07-19 09:18 · Score: 5, Funny
  
  Ladies and Gentleman, President Jeb Bush.
  
  --
  You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
6. Re:Unbounded by DragonMantis · 2009-07-19 09:21 · Score: 1, Funny
  
  Ladies and Gentleman, President Barack Obama.
7. Re:Unbounded by Draek · 2009-07-19 09:27 · Score: 3, Funny
  
  "wow, its so small and cute"
  
  --
  No problem is insoluble in all conceivable circumstances.
fix: by Anonymous Coward · 2009-07-19 05:31 · Score: 5, Funny

document.write = function(){ alert("This website was designed by a fucking idiot."); };
1. Re:fix: by nacturation · 2009-07-19 05:43 · Score: 5, Funny
  
  I tried this using greasemonkey and wanted to thank you for it, but I had to switch to Internet Explorer to post the reply as for some reason Slashdot started bringing up a million alert boxes.
  
  --
  Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
Re:Just patch it and let's move on. by RichardJenkins · 2009-07-19 05:33 · Score: 2, Funny

Well, obviously he meant 24 hours after it was posted on Slashdot. As we all know, it's not real until it's on Slahdot.
Slow News Day, Obviously by Anonymous Coward · 2009-07-19 05:34 · Score: 1, Funny

In other news, Apollo 11 was faked.
A: Firefox users by iYk6 · 2009-07-19 05:42 · Score: 4, Funny

If you use firefox, then you are the moron using unbounded buffers.
Firefox sucks by isa-kuruption · 2009-07-19 06:18 · Score: 5, Funny

This is the reason why I avoid crappy software like Firefox and stick to MSIE! Firefox is riddled with bad, bloated code making it easily subjectable to these types of attacks. On top of that, the development model allows mistakes like this to get into the codebase without proper quality assurance.
If I have to /sarcasm, I will kill you.
Firefox Vulnerability by DaveV1.0 · 2009-07-19 06:21 · Score: 2, Funny

But, but, but, that's unpossible!

--
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
Slashdot is packed with double-standards by bonch · 2009-07-19 09:01 · Score: 1, Funny

This site is full of double standards. This is the same website that is against copyrights when it comes to piracy because it gets them stuff for free, but for copyrights when it comes to a GPL violation because the GPL gets them stuff for free. Whichever is the self-serving position is the one that's adopted.
1. Re:Slashdot is packed with double-standards by bonch · 2009-07-19 17:08 · Score: 1, Funny
  
  "The GPL assures the copyright of the software." - FSF website
Re:NoScript by Fnord666 · 2009-07-19 09:13 · Score: 2, Funny

you can enable JavaScript for just the source domains you trust (e.g. Facebook), ...

You did not just say that. Tell me you did not just say that.

--
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
Re:NoScript by metamatic · 2009-07-19 09:27 · Score: 2, Funny

I'm not aware of any malware having been launched from facebook.com.

--
GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak