Mozilla fast-tracks critical Firefox security patch

The patch, which was originally slated for release on March 30, fixes a vulnerability that could allow remote code execution attacks.  The flaw was originally released into the VulnDisco exploit pack in February but Mozilla's security response team did not get the details until the middle of March.

Now, with the CanSecWest Pwn2Own contest just a day away, the open-source group shipped the fix and explained the problem:

Security researcher Evgeny Legerov of Intevydis reported that the WOFF decoder contains an integer overflow in a font decompression routine. This flaw could result in too small a memory buffer being allocated to store a downloadable font. An attacker could use this vulnerability to crash a victim's browser and execute arbitrary code on his/her system.

Mozilla said support for the WOFF downloadable font format is new in Firefox 3.6 (Gecko 1.9.2), meaning that this vulnerability does not affect products built on earlier versions of the Mozilla browser engine.

A hacker known as "Nils" is planning to launch a code execution exploit against Firefox at this year's Pwn2Own.  Last year, Nils hit the trifecta with successful hacking attacks against Firefox, Internet Explorer and Safari.