Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Firefox hit by unpatched bug

Firefox hit by unpatched bug

by Nikola Strahija on September 10th, 2005 Security researchers have discovered an unpatched vulnerability in Firefox that might be used to crash systems.


This security bug can also be used to trick surfers into running malicious code by simply fooling them into visiting a maliciously constructed website.

The problem that is well known to IE users comes as a nasty shock to users of the alternative browser, which has been seen as something of a safe haven from hacker attack even though this assumption has come under question over recent months.

The vulnerability, discovered by Tom Ferris of Security Protocols, applies to Firefox version 1.0.6. Previous versions may also be affected but this has yet to be confirmed. The security bug stems from an error in handling a URL that contains the 0xAD character in its domain name, giving rise to possible heap-based buffer overflow attacks.

Security notification service Secunia describes the vulnerability as "highly critical". It advises users not to browse untrusted websites as a precaution.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »