funsec mailing list archives
Firefox Vulnerability Hoax [Was: Re: video showing a PC being infected]
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 4 Oct 2006 02:45:59 GMT
Brian Krebs had a great article about this today in his "Security Fix" blog: http://blog.washingtonpost.com/securityfix/2006/10/zeroday_firefox_exploit_claime.html - ferg -- "Dude VanWinkle" <dudevanwinkle () gmail com> wrote: you too can learn from my mistakes: http://news.com.com/Hacker+backpedals+on+Firefox+zero-day/2100-7349_3-6122317.html?tag=nl A hacker who claimed to have found a serious zero-day bug in Firefox now says he was never able to exploit the supposed vulnerability to hijack computers. On Saturday, Mischa Spiegelmock and Andrew Wbeelsoi told attendees at the ToorCon event in San Diego that Firefox is critically flawed in the way it handles JavaScript. An attacker could commandeer a computer running the open-source Web browser simply by crafting a Web page that contains some malicious JavaScript code, they said. They displayed some of that code. Hackers' presentation But Spiegelmock has now backpedaled on those claims. In a statement provided to Mozilla, which coordinates development of Firefox, Spiegelmock said that the computer code displayed during the presentation does not fully compromise a PC running the browser. [snip] _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Firefox Vulnerability Hoax [Was: Re: video showing a PC being infected] Fergie (Oct 03)