Critical Vulnerability(Arbitrary Code Execution) in Firefox 3
ADVERTISEMENTS
Firefox 3, One of the Maximum Downloaded Open Source browser has just finished up with its World Record Download Day and here is one more big news about a possible Critical Vulnerability in Firefox 3
Devlabs from Tippingpoint has reported a critical vulnerability with high severity affecting Firefox 3 and prior versions of Firefox 2.0.x. on their Zero Day Advisory Page. Devlabs has confirmed this vulnerability in their research lab and have contacted Mozilla Security Team
Firefox 3 Vulnerability is related to arbitrary code execution on successful exploitation. Proof of concept is still not available about this vulnerability. Mozilla team is working on fix and will soon release a patch.
Read What Devlabs Says,
We verified the vulnerability in our lab, acquired it from the researcher, then promptly reported the vulnerability to the Mozilla security team shortly after. Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code. Not unlike most browser based vulnerabilities that we see these days, user interaction is required such as clicking on a link in email or visiting a malicious web page.
Till the time patch is made available from Firefox 3, every Firefox 3 user is open for attack But I am sure we will have Patch for this vulnerability Soon.
Reader Comments
No browser is completely secure. What matters is the response time.
Btw, ideally people should no go public with zero day exploits. Instead they should work closely with the browser manufacturer and disclose the vulnerability only after it has been patched.
I remember this happening with Opera on several occasions.