A RUSSIAN insecurity outfit has managed to create a zero-day exploit for Firefox 3.6 under Windows.
The exploit allows attackers to gain remote control of a Windows PC thanks to a previously unknown flaw in the Windows version of the Firebadger 3.6 browser software.
Intevydis develops the commercial VulnDisco add-on for the Canvas exploit toolkit that's marketed by the vendor Immunity.
Writing at the company's online forum, Intevydis developer Evgeny Legerov said that his exploit for Windows XP (SP3) and Vista is quite reliable. He said it was an interesting challenge to find the buffer overflow flaw and work out a way to exploit it.
The Mozilla Foundation knows about the exploit but has not yet made an official statement on it, and has so far released no patch for Firefox 3.6. Secunia rates the problem as critical.
It is not clear whether the exploit was behind the rise in Firefox 3.6 crash reports noted on February 12th and 13th. Those crashes may not have been caused by an exploit in the wild, but they could have been the result of the exploit being tested. µ
What I find far more troubling here is that Secunia seems to be taking this exploit on faith alone. A number of threads (search for them, they're out there) paint VulnDisco's vendor as uncooperative with "responsible disclosure" procedures, and why not? After all, this is a commercial vendor with a product to sell; though, perhaps it's worth noting that apparently someone *already purchased the product and was unable to reproduce the issue on 3.6*. The impropriety of this operation is already being called into question. Perhaps if I submit a report to Secunia of - let's say - Opera being critically insecure with a potential remote execution vector via a buffer overflow, I can get it published too? After all, I sell a commercial vulnerability discovery pack and can't POSSIBLY be in it for the money. This seems to be going awfully far for not having any real proof.
http://secunia.com/advisories/38608/
http://secunia.com/community/forum/thread/show/3592
Does that mean it's real, or are they taking it on trust from the original report by A. Random Hacker?
To all you Linux experts. I'm running Ubuntu Linux on top of or within Win7 using WUBI. Is that safe enough to bypass all these exploits when running Firefox in Linux?
Since it is a 'Windows' only flaw, having to do with buffer overflow...
with its history of never having really fixed the buffer overflow problem (Windows, that is)
should this not be another WINDOWS BUFFER OVERFLOW PROBLEM??
Firefox just happened to be the one that triggered the rediscovery.
Good thing I still use 3.0.xx then; seems this won't affect me!