Exploit code for Firefox flaw appears on internet

News

Exploit code for Firefox flaw appears on internet

Antony Savvas

Exploit code that can use older versions of the open-source Firefox browser to remotely take over users’ PC has appeared on the internet.

Users of Firefox browsers older than version 1.0.5 could be attacked using the code, which has been published by Israeli software developer Aviv Raff.

Raff said Firefox users had been given ample time to upgrade their browsers, to avoid falling victim to the type of attack that can be created using his code, which demonstrates a flaw originally publicised this summer.

The vulnerability was fixed by Firefox distributor Mozilla with version 1.0.5. Mozilla also recently launched the major Firefox 1.5 upgrade, equipped with a host of new security features.

The flaw that Raff’s code can be used to exploit relates to the way older versions of Firefox handle JavaScript in web pages.

Malicious websites could be used to allow remote attackers to run arbitrary code on a user’s machine without them knowing.

Mozilla released an advisory this week about a potential problem in Firefox 1.5, which addressed the possibility of the browser “hanging” when visiting certain websites. This was described as a minor issue by Mozilla.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy