In other news

Looks like crackers are finally starting to turn their sights on Mozilla Firefox. A DoS vulnerability has been discovered which causes Firefox to crash simply by browsing to a malformed website. Note that this particular security flaw does not allow a cracker to gain any sort of control over your computer, nor does it allow him/her to access any of your information. It just crashes your browser, forcing you to manually terminate and reopen in order to view more websites. If you want to see this in action, I’ve copied the demo code at the aforementioned site to mine. You can crash your copy of Firefox (< = 1.0.7) here.

3 thoughts on “In other news

  1. Colin M

    The source to the DoS is really simple, I think the combination of two opened-but-not-closed HTML tags is the root of the problem. Not really sure why Firefox doesn’t give up upon hitting the end of the file/data, but apparently it’s waiting for something to close. Presumably there will be a fix out very shortly.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *