Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Remote DoS in Firefox and Firefox 2 - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Remote DoS in Firefox and Firefox 2
There is a new advisory out that indicates there is a remote denial of service exploit in Firefox and Firefox 2.  The original post indicated that there could be a buffer overflow and remote code execution component, but as of 10/31 this has not been verified. This exploit will occur when a specifically crafted webpage tries to create a range object with "createRange". So far it will only make the browser crash.  If new information is made available, we will post updates.

John Bambenek
bambenek /at/ gmail (dot) com

262 Posts
ISC Handler
Nov 1st 2006

Sign Up for Free or Log In to start participating in the conversation!