CyTRAP Labs advisory - Mozilla Firefox JavaScript vulnerability


Ever more people have switched to Firefox because of the number of zero-day exploits reported against IE recently. However, with the rapidly increasing use of Firefox and other Mozilla products, it should come as no surprise that there is a slew of undisclosed vulnerabilities in them as well. The publicly known ones are listed here:

- List of publicly known vulnerabilities in Firefox 1.5…

Mischa Spiegelmock and Andrew Wbeelsoi claim to have found about 30 zero-day vulnerabilities in Firefox. They made a point of demonstrating a live exploit running in Firefox 1.5.0.7. Their main motivation was apparently to create bot networks for their personal use, or in their own words, ‘communication networks for black hats’.

Apparently, these vulnerabilities are specific to Firefox’s implementation of JavaScript, and there are hints that they are stack overflows.

The recent security-related Mozilla commits following the presentation deal with improper validation of scope chain lookups in jsxml.c, jsinterp.c and jsiter.c, which could allow injecting content into the Chrome context.

It is likely that a security release will come from Firefox in the next week, but in the meantime, technically inclined people can fix this problem as follows:

- 0day vulnerabilities in Firefox, with source

More information, including what to do regarding your users, can be found here:

- CASEScontact.org advisory - Mozilla Firefox, Thunderbird and Sea Monkey - JavaScript vulnerability

PLEASE REMEMBER

In the meantime, Spiegelmock has now backpedaled on those claims and says that besides crashing a system he was unable to do much more. Nonetheless, the Mozilla people are taking it seriously and continue checking the code provided by Spiegelmock and Wbeelsoi:

- Possible vulnerability reported at Toorcon
