Opera uses Mozilla fuzzer to find, fix severe browser flaw


Using a JavaScript fuzzer released by Mozilla at Black Hat, Opera's security team has found and fixed a "highly severe" browser flaw that could be used in code execution attacks.
The problem:
A virtual function call on an invalid pointer that may reference data crafted by the attacker can be used to execute arbitrary code.
The flaw was found with jsfunfuzz, a JavaScript compiler/decompiler fuzzer built by Jesse Ruderman and released earlier this month by Mozilla security chief Window Snyder.
It is the first in a series of security tools that will be released by the open-source group.
Snyder said all the major browser vendors -- Opera and Microsoft -- were given the fuzzer ahead of time and they were all comfortable with the idea of making it available to the public.