Security researchers are claiming exploit code that
takes advantage of a flaw in the open source Firefox browser will
soon start circulating on the internet.
The Mozilla Foundation recently issued a temporary fix to the
problem in its Firefox browser, and is busy trying to develop a
permanent solution, but messages on security message boards are
claiming hackers are already developing exploits.
The problem relates to the way Firefox handles Internationalised
Domain Names (IDNs). IDNs are domain names that use local language
characters.
The IDN fault in Firefox allows attackers to potentially cause a
buffer overflow in the browser and execute their own malicious code
on users’ machines.
The problem is also said to affect the latest version of
Netscape’s browser. The temporary fix issued by Mozilla disables
IDNs. A full fix to be issued by Mozilla will fix the problem and
still allow users to safely handle IDNs.