Firefox Javascript Flaw Documented
Terren Tong - Wednesday, April 6, 2005 9:48am (PST)
0
Favourite (0)
Non-IE browsers not immune from security holes
There is a security alert over at Secunia regarding a bug in Firefox's JavaScript engine
The vulnerability is caused due to an error in the JavaScript engine, as a "lambda" replace exposes arbitrary amounts of heap memory after the end of a JavaScript string.Doh. This affects the latest versions of Firefox and while a patch is apparently being worked on, there isn't one available yet. The paranoid can temporarily plug this hole by disabling JavaScript.Successful exploitation may disclose sensitive information in memory.
Section: Internet Related
-
Guest Apr 6, 05Hmmm. Not patched, eh? Well I wonder how just passed Secunia's test based on Poc per Azafran's finding? Guess I am imagining... -
Guest Apr 6, 05Hmmm. Not patched, eh? Well I wonder how just passed Secunia's test based on Poc per Azafran's finding? Guess I am imagining...
- This news story is archived and is closed to new comments now -
Latest Comments
- CryEngine 3 physics demo features "most realistic vehicle damage model ever" [2]
- Diablo III stats reveal most used runes, more [2]
- More Halo 4 multiplayer beta leaks, armor abilities teased [4]
- Next Guild Wars 2 beta weekend event dated, characters will carry over [2]
- Mass Effect 3 Rebellion DLC launches today, trailer shows off content [4]
Most Comments
- Diablo 3 launch marred by bugs, lag, and server disruption [38]
- PlayStation 4 outed via Sony engineer’s LinkedIn profile [34]
- Elder Scrolls Online details, early screenshots leaked [34]
- The Elder Scrolls Online officially confirmed, set a millenium before Skyrim [28]
- Leaked redesigned Wii U controller image shows analog sticks [27]
Latest News
- Tue, May 29
- RI governor's "devastating" remarks ruined publisher deal, claims 38 Studios founder
- CryEngine 3 physics demo features "most realistic vehicle damage model ever"
- Mass Effect 3 Rebellion DLC launches today, trailer shows off content
- Mass Effect 3 1.03 patch incoming, includes "anti-AFK" system, Vanguard fix, more
- Diablo III stats reveal most used runes, more
- Mon, May 28
- Jet Set Radio coming to Vita
- Prototype 2 Excessive Force DLC launches with trailer
- Next Guild Wars 2 beta weekend event dated, characters will carry over
- More Halo 4 multiplayer beta leaks, armor abilities teased
- Larian teases two-player old-school RPG with Divinity: Original Sin
- Chart-Track: Ghost Recon Future Soldier tops UK charts
- BBC broadcasts Halo UNSC logo during Syria report
- Heavy Rain developer may unveil new game at Sony's E3 presser
- Infinity Ward has received nearly half a billion in bonuses
- Stronghold 3 1.1 patch released, last one says Firefly
- Max Payne 3 PC requirements detailed further, new screens available
- Sun, May 27
- Planetside 2 trailer focuses on air combat
- Risen 2 Air Temple DLC released
- Carmageddon: Reincanation funded on Kickstarter
- Halo 4 multiplayer beta gameplay leak may be the most ridiculous leaked video ever
- Fri, May 25
- Sins of a Solar Empire: Rebellion multiplayer aims to be more accessible, includes Steam integration
- Mass Effect 3 N7 weekend sees more Banshees due to Operation: Silencer failure
- Fresh 'Deadlight' trailer is another reason to watch for this XBLA game
- Hitman: Absolution trailer reveals 'Sniper Challenge' mini-game
- Halo 4 pre-orders earn special armor, camo skins from multiple retailers
Latest Net Reviews
| · | Asus Sabertooth X79 TUF (German) |
| · | Crucial Adrenaline |
| · | Roccat Isku |
| · | Lian Li PC-TU200 |
| · | Corsair Obsidian 550D (German) |
| · | SilenX Effizio EFZ-120HA5 |
Latest Inhouse
