Firefox flaw found: remote exploit possible
InfoWorld | at | by Mike
Computers running the Firefox browser could be open to remote attack as a result of a buffer overflow vulnerability reported Friday by security researcher Tom Ferris.
Vulnerable versions of Firefox include all those up to 1.06, and even version 1.5 Beta 1, released on Thursday, he wrote in a posting to his Web site, Security Protocols, and to the Full Disclosure security mailing list just after 6 a.m. GMT Friday.
Ferris said he reported the bug to staff of the Mozilla Foundation, the organization behind the Firefox browsers, on Sept. 4, but had no idea whether they were working on a fix for the problem.