Topic: Mozilla Firefox 1.5 Exploit Made Public

[Clive]

Neowin
Posted by Tom Warren on 09 December 2005 - 11:53

Code for a crippiling Firefox exploit was made available Wednesday allowing malicious users to create sites to disable Mozilla Firefox.

The flaw may be an "exploit" but as yet no 3rd party code gets executed via this particular bug so system security is unaffected. The latest Firefox vulnerability exists in the history.dat file, which stores information from Web sites users have visited with the Firefox 1.5 browser. If the topic of a page is crafted to be long enough, it will crash the browser each time it is started after going to such a page. Once this happens, Firefox will be unable to be started until you erase the history.dat file manually.

It is being suggested that if the topic was more tightly crafted than in the proof-of-concept code, a more malicious attack could be crafted that would install malware on the machine and would have much worse consequences.

The Mozilla Foundation has recognised the flaw but denies that there are any websites using the flaw for malicious purposes like installing malware on users machines. An update via Firefox's autoupdate feature is likely to follow once Mozilla have fixed the issue.

For the time being we recommend that users disable their history to ensure that they're not affected by this issue.

The following link below is a link to live code to demonstrate the exploit. Once you have closed Firefox down after visiting the Proof Of Concept, please ensure that you delete your history.dat from your Firefox profile.

 http://neowin.net/index.php?act=view&id=31705