New Firefox Vulnerability Revealed
Not long after Firefox 3.5.1 was released to address a security issue, a new exploit has been found and a proof of concept has been posted. "The vulnerability is a remote stack-based buffer-overflow, triggered by sending an overly long string of Unicode data to the document.write method. If exploited, the resulting overflow could lead to code execution, or if the exploit attempts fail, a denial-of-service scenario." It's recommended that Firefox users disable JavaScript until the issue is patched, though add-ons like NoScript should do the trick as well (unless a site on your whitelist becomes compromised).
Update: 07/20 00:09 GMT by KD : An anonymous reader informs us that the Mozilla security blog is indicating that this vulnerability is not exploitable; denial of service is as bad as it gets.
I'm sure this story will get tagged "defectivebydesign" since if this were Internet Explorer, everybody would be explaining how insecure closed source software is.
What are six words you never, ever want to hear?
Hai, I be yo new neighbuh!
I don't know anything about JavaScript or Firefox internals,
But you thought you'd bitch to Slashdot anyway?
This call is used all the time right?
Didn't you just say you don't know shit about JavaScript or Firefox?
This has entirely to do with the Firefox implementation of the document.write function, not JavaScript; it is likely that the flaw is actually in C++ code.
If you type 'javascript:document.write.toString()' into the url bar in Firefox, you will see 'function write() { [native code] }'.
Nerd rage is the funniest rage.
Especially since the only reason people turn off JavaScript is so they can post snooty messages on Slashdot about how cool they are since they keep JavaScript turned off. (See also: Flash)
Comment of the year