Remote DoS in Firefox 1.5.0.7 and Firefox 2


There is a new advisory out that indicates there is a remote denial of service exploit in Firefox 1.5.0.7 and Firefox 2.

The original post indicated that there could be a buffer overflow and remote code execution component, but as of 10/31 this has not been verified. This exploit will occur when a specifically crafted webpage tries to create a range object with "createRange". So far it will only make the browser crash. SANS - Internet Storm Center - Cooperative Cyber Threat Monitor And Alert System

Linked by shanmuga Wednesday, 1st November 2006 5:44AM