3P Techies Forum

Tech Support & Sciences => I.T. Support Crip => Topic started by: ebenzunlimited on June 19, 2012, 04:53:35 PM

Title: Memory Corruption Vulnerability in Firefox 13
Post by: ebenzunlimited on June 19, 2012, 04:53:35 PM
(http://3.bp.blogspot.com/-_7bhd5I4t3g/T9oQstFqRNI/AAAAAAAACgo/WlN84iJOy0Y/s1600/Firefox-memory-corruption-vulnerability.png)
A security researcher Ucha Gobejishvili has discovered a SECURITY memory corruption vulnerability in the Firefox 13, the latest version of Mozilla Firefox.

The vulnerabilities can be exploited by local privileged user accounts with low user inter action or remote via manipulated http request & high required user inter action.

According to our report  the researcher notified the Mozilla about the vulnerability. He told that Mozilla confirmed the existence of the vulnerability and planned on fixing it in the upcoming versions.

In a Proof-of-concept video , the researcher showed that by launching the specially crafted HTML file the vulnerability would be triggered, causing a denial-of-service (DOS) state.

In practice, an attacker would have to host a website that contains the malicious webpage. Then, with the aid of cleverly designed emails or instant messages, he could lure potential victims to the website.

The POC video:
DOS Mozilla Firefox Browser (http://www.youtube.com/watch?v=AOYfSwjLTCM#ws)
SimplePortal 2.3.7 © 2008-2021, SimplePortal