iDEFENSE Security Advisory 02.28.05: Mozilla Firefox and,MozillaBrowser Out Of Memory Heap Corruptio

Discussion in 'Computer Security' started by winged, Mar 2, 2005.

  1. winged

    winged Guest

    FIX: UPGRADE FIREFOX 1.01 posted at firefox site.

    The article indicates there are no currently know work arounds.

    Thought folks here would find this interesting.


    Mozilla indicates the likelihood of a working exploit is minimal:

    Mozilla indicates version 1.01 is not vulnerable.

    I thought folks might be interested. I would upgrade, while I
    understand the complexity of the exploit (ie injecting code at the fail
    point when memory heap is exhausted) a failed attempt would crash the
    browser. I would prefer my browser, or anything else, don't crash. I
    wouldn't be surprised to see the bad guys crash the browser just to be
    rude to those refusing their play toys.

    winged, Mar 2, 2005
    1. Advertisements

  2. winged

    winged Guest

    Was doing some research on the individual (Daniel de Wildt) who surfaced
    this exploit and saw he had identified several others. (Just checking to
    see if he was related to Microsoft, would have made a nice conspiracy
    theory), but alas he has surfaced several MS exploits too. Someone get
    this guy a passport and a job, he would be useful! He is involved in
    much more than researching exploits, a true nerd. Of course it sounds
    like he has a very full plate. An interesting person. Great google

    winged, Mar 2, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.