| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 66052 | 2006-02-09 05:46:00 | FireFox Exploit/Update CRITICAL! | SurferJoe46 (51) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 428666 | 2006-02-09 05:46:00 | The two pieces of exploit code, posted online earlier this week, take advantage of a security vulnerability in Firefox that Mozilla patched in an update Thursday . In response to the exploit release, the browser maker on Tuesday upgraded the severity rating of the flaw from "moderate" to "critical," its most serious rating . "This exploit was published after we released the 1 . 5 . 0 . 1 update," said Mike Schroepfer, vice president of engineering at Mozilla . "Most of our users had already been upgraded by the time this exploit was published . " The code could be used to commandeer computers running a vulnerable version of the open-source Web browser on Linux or Mac OS X systems . It has been published as part of the Metasploit Framework, a widely used hacking tool . The specific flaw exists only in Firefox 1 . 5 and was fixed in Firefox 1 . 5 . 0 . 1 . The problem could cause a memory corruption an outsider could use to run code on a vulnerable PC, according to a Mozilla advisory . The corruption would come from calling the "QueryInterface" method of the Location and Navigator objects in the browser . Firefox users have already been urged to install the patched version of the browser . Security monitoring company Secunia last week rated the Firefox update "highly critical," and Mozilla has pushed out updates . If for some reason users have not upgraded, they should definitely do so . |
SurferJoe46 (51) | ||
| 1 | |||||