Firefox 3.0.5 remote vulnerability via queryCommandState

["carl hardwick" <hardwick.carl () gmail com>]

An unpatched security flaw has been discovered in the latest version
of Firefox 3.0.5 which allows a remote attacker to crash the browser
with a special crafted HTML page using a queryCommandState:

PoC: http://groups.google.it/group/carl-hardwick/web/Firefox305RemoteDoS.htm

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/