/>
X

12-year-old finds critical Firefox flaw, earns $3,000 bounty

The security researcher who found and reported this critical buffer overflow and memory corruption vulnerability in Mozilla's Firefox browser is none other than Alex Miller, a 12-year-old boy who earned a $3,000 bounty for his discovery.
ryan-naraine.jpg
Written by Ryan Naraine, Contributor on

The security researcher who found and reported this critical buffer overflow and memory corruption vulnerability in Mozilla's Firefox browser is none other than Alex Miller, a 12-year-old boy who earned a $3,000 bounty for his discovery.

According to the San Jose Mercury News, Miller (right) was motivated to search for Firefox security holes after Mozilla increased its bug bounty from $500 to $3,000.

The seventh grader, described as a "Firefox loyalist," had previously reported a Firefox vulnerability but that one did not qualify for the cash payout.

Alex returned to the computer and his exploration. By Alex's estimation he spent about 90 minutes each day for about 10 days until he spotted it--a flaw in the memory of the running program.

The vulnerability, which can be exploited to crash a victim's browser and potentially run arbitrary code on their computer, was patched this week in Firefox 3.6.11 and Firefox 3.5.14.

It also affects Mozilla's Thunderbird 3.1.5, Thunderbird 3.0.9 and SeaMonkey 2.0.9.

ALSO SEE:

* Image via MercuryNews.com.

Related

Delta Air Lines just made an embarrassing announcement (you may be livid)
screen-shot-2022-06-22-at-3-50-54-pm.png

Delta Air Lines just made an embarrassing announcement (you may be livid)

Business
US weather, climate forecasting is about to get way better
screen-shot-2017-09-07-at-1.jpg

US weather, climate forecasting is about to get way better

Innovation
On July 12, we'll see the universe like never before
51656393132-ca88bc21e3-k

On July 12, we'll see the universe like never before

Space