[ISN] Firefox flaw found: Remote exploit possible

InfoSec News isn at c4i.org
Mon Sep 12 02:23:23 EDT 2005


By Peter Sayer
SEPTEMBER 09, 2005

Computers running the Firefox browser could be open to remote attack
as a result of a buffer overflow vulnerability reported today by
security researcher Tom Ferris.

Vulnerable versions of Firefox include all those up to 1.06, and even
the just-released Version 1.5 Beta 1 (Deer Park Alpha 2), Ferris wrote
in a posting to his Web site, Security Protocols, and to the Full
Disclosure security mailing list just after 1 a.m. EDT today.

Ferris said he reported the bug to staff at the Mozilla Foundation,
the organization behind the Firefox browsers, on Sept. 4, but had no
idea whether the foundation is working on a fix for the problem.

The problem is caused by a bug in the code Firefox uses to process
HTML links in Web pages, Ferris said. Links pointing to a host with a
long name composed entirely of dashes can be crafted so that Firefox
will execute arbitrary code of an attacker's choosing.

Mozilla officials said today that they learned of the issue on Tuesday
and are already working on a patch. "We have a preliminary patch for
part of the problem, and are in the process of developing a
comprehensive solution that will appear in an upcoming release," said
Michael Schroepfer, Mozilla's head of engineering. He was not sure
when the patch would be released.

Last month, Ferris reported a critical flaw in fully patched versions
of Microsoft Corp.'s Internet Explorer 6 running on Windows XP Service
Pack 2. The flaw was acknowledged by Microsoft, but in that instance,
Ferris did not reveal any details of the flaw or how it could be


Computerworld's Sharon Machlis and Todd Weiss contributed to this
