funsec mailing list archives

Re: Critical JavaScript Flaw Hits Firefox

From: Jordan Wiens <numatrix () ufl edu>
Date: Mon, 26 Feb 2007 13:51:07 -0500

Fergie wrote:

[original content here]

The use of a certain JavaScript instruction can cause Firefox to crash,
allowing an attacker complete access to a system and the ability to run
malware remotely.

[snip]

More:
http://www.vnunet.com/vnunet/news/2184139/vulnerability-uncovered

I recommend http://NoScript.net/ plug-in for Firefox.

Seconded. Between noscript and safecache/safehistory(http://crypto.stanford.edu/sameorigin/) I have a really hard time eventesting the PoC for some of these vulns on my own machine.


--
Jordan Wiens, CISSP
UF Network Security Engineer
(352)392-2061
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Critical JavaScript Flaw Hits Firefox Fergie (Feb 26)
- Re: Critical JavaScript Flaw Hits Firefox Jordan Wiens (Feb 26)
- Re: Critical JavaScript Flaw Hits Firefox Reed Loden (Feb 26)
  - Re: Critical JavaScript Flaw Hits Firefox Jordan Wiens (Feb 26)
- <Possible follow-ups>
- Re: Critical JavaScript Flaw Hits Firefox Fergie (Feb 26)
  - Re: Critical JavaScript Flaw Hits Firefox Reed Loden (Feb 26)
    - Re: Critical JavaScript Flaw Hits Firefox Jordan Wiens (Feb 26)