Exploit code for Firefox flaw appears on internet


Exploit code for Firefox flaw appears on internet

Antony Savvas

Exploit code that can use older versions of the open-source Firefox browser to remotely take over users’ PC has appeared on the internet.

Users of Firefox browsers older than version 1.0.5 could be attacked using the code, which has been published by Israeli software developer Aviv Raff.

Raff said Firefox users had been given ample time to upgrade their browsers, to avoid falling victim to the type of attack that can be created using his code, which demonstrates a flaw originally publicised this summer.

The vulnerability was fixed by Firefox distributor Mozilla with version 1.0.5. Mozilla also recently launched the major Firefox 1.5 upgrade, equipped with a host of new security features.

The flaw that Raff’s code can be used to exploit relates to the way older versions of Firefox handle JavaScript in web pages.

Malicious websites could be used to allow remote attackers to run arbitrary code on a user’s machine without them knowing.

Mozilla released an advisory this week about a potential problem in Firefox 1.5, which addressed the possibility of the browser “hanging” when visiting certain websites. This was described as a minor issue by Mozilla.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy