|
Firefox 3.5.1 Still Crashing, But Not Exploitable, Says Mozilla
|
Posted by Donster on: 2009-07-20 15:41:04 208
|
Source: HEXUS
Just days ago, Mozilla squashed 22 bugs - seven of which were rated as critical - be releasing the latest installation of its Firefox browser, version 3.5.1.
Unfortunately, that release was quickly followed with a number of reports suggesting that a stack buffer overflow vulnerability had been found in multiple versions of the browser, including the latest release.
Various reports have seemingly jumped the gun and suggested that the vulnerability - which relates to Firefox's handling of long Unicode strings - leaves Mozilla's browser exploitable to attackers wanting to execute malicious code. According to Mozilla, that's anything but the case:
"In the last few days, there have been several reports (including one via SANS) of a bug in Firefox related to handling of certain very long Unicode strings. While these strings can result in crashes of some versions of Firefox, the reports by press and various security agencies have incorrectly indicated that this is an exploitable bug."
According to Shaver, the bug can cause Firefox to crash on Windows or Mac computers, but users should not be worried about third-party exploits.
|
|
News Source: Email
|
|
