An exploit has been released for a known but still unpatched vulnerability in Firefox 3.5 that allows code execution via a specially crafted “font” tag. The example included in the exploit launches the calculator on Windows. Nothing is reported about whether the method works on other operating systems; however, the vulnerability is not OS-specific and stems from a buffer overflow during the processing of the “font” tag.
Mozilla has been informed about the exploit, but there is no update yet. For now, you can use the NoScript add-on to protect your browser from being exploited.