Memory Corruption Hole in Firefox 13

Friday, June 15, 2012 @ 05:06 PM gHale

There is a memory corruption vulnerability in Firefox 13 that Mozilla will fix in upcoming versions.

In a video, Ucha Gobejishvili, the researcher that found the hole, showed by launching the specially crafted HTML file it would trigger the vulnerability causing a denial-of-service (DoS) state.

SeaMonkey Closes Security Holes
DoS Tool Takes Out Web Host
Google Rolls Out Attack Warning
Google: Web Sites Hacked

In practice, an attacker would have to host a website that contains the malicious webpage. Then, with the aid of cleverly designed emails or instant messages, he could lure potential victims to the website.

Mozilla has already presented improvements in security with the release of the 14 Beta variant of the web browser. The most important of them is the introduction of HTTPS connections by default for Google searches.

Leave a Reply

You must be logged in to post a comment.