Firefox JavaScript Engine Flaw Flagged

KingFishKingFish
edited April 2005 in Science & Tech
A moderately critical security flaw in the Mozilla Foundation's Firefox Web browser could put users at risk of information disclosure attacks, according to an advisory from security research outfit Secunia.
The vulnerability has been confirmed in Firefox 1.0.1 and 1.0.2, the two latest browser releases from the open-source foundation. It also affects the Mozilla suite, Secunia warned.

"The vulnerability is caused due to an error in the JavaScript engine, as a 'lambda' replace exposes arbitrary amounts of heap memory after the end of a JavaScript string," the advisory read.

Secunia has released an online test to allow Firefox and Mozilla users to determine if they are affected by the bug.

"Successful exploitation may disclose sensitive information in memory," the company said.
Source: eWeek

Comments

  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian
    edited April 2005
    Link to the test:

    http://secunia.com/mozilla_products_arbitrary_memory_exposure_test/
  • CyrixInsteadCyrixInstead Stoke-on-Trent, England Icrontian
    edited April 2005
    What does the test do Brian? I tried clicking it a few times & my browser crashed so I guess I'm vulnerable? But what to do next? Is there a patch?

    ~Cyrix
  • shwaipshwaip bluffin' with my muffin Icrontian
    edited April 2005
    It reads a random 10kb of memory and prints it in the box...something like this:
    c k A 9 O O O 9 m 5 T 6 5 5 W V 5 D V 5 A forumid E P 3 B 0 e f a f ' 3 3 px;font-family: 0 " showthread.php?mode=hybrid&t=30424 yey ) ( ? i a a \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ lu a an text/javascript m 5 T 6 5 5 W V 5 D V 5 j P 3 P 3 P 3 P # 3 A / V D ' m 5 T 6 5 5 W V 5 D V 5 C # % ../../global/images/box/fmtopleft.gif sd - 5 t 1 J g tbody S 3 3 3 # 3 9 : ? Z 5 m 5 T 6 5 5 W V 5 D V 5 m 5 T 6 5 5 W V 5 D V 5 J ' 4 4 000-4 999 : P - 7 P P A ' div m 5 T 6 5 5 W V 5 D V 5 ' n m 5 T 6 5 5 W V 5 D V 5 ( 8 # 8 8 ) 1 s m 5 T 6 3 C 7 P . 4 / Q Vacant positions at Secuniab? .p ' = a f " P 3 P 3 P 3 P # 3 I K L 3 M 3 N O 3 P 3 R " f black co ( & " ' @ m 5 T 6 5 5 W V 5 D V 5 g f 0 6 = W ; ; = ; ; V m V V T l 5 W ; m = V W V E = ; E = l T = V = ; = T = V m ; ; l T = V = T = V m ; ; 6 /gfx/blank.gif K n x 5 5 000-5 999 text/css d # ( 3 P 3 Z Z 3 3 P : _ a b 3 c 3 d e 3 f 3 h ( m 5 T 6 5 5 W V 5 D V 5 A j ( m 5 T 6 5 5 W V 5 D V 5 100 1 ' s I ' s search.php?do=getnew ) g ing ' A m 5 T 6 5 5 W V 5 D V 5 4 b P " " 0 9 \ a 5 D C (
  • CyrixInsteadCyrixInstead Stoke-on-Trent, England Icrontian
    edited April 2005
    Well yes it did that, but what does *that* exactly mean? Like I said it crashed after a few times of clicking the button, I thought this might be the vulnerability? I'm confused... :scratch:

    ~Cyrix
  • shwaipshwaip bluffin' with my muffin Icrontian
    edited April 2005
    it's possible that if this is done to you right after you type personal info (SSN/credit card/etc) into some webpage, they could get it. I guess.
Sign In or Register to comment.