/>
X
Business

Yet another 'critical' Firefox flaw

Firefox 2.0.0.2 as a high-priority browser
Written by Ryan Naraine, Contributor on
Less than 24 hours before the scheduled release of Firefox 2.0.0.2 as a high-priority browser refresh, a new "critical" vulnerability has been reported by Polish hacker Michal Zalewski.

Zalewski, who appears to be running an unofficial MOFFB (month of Firefox bugs) project, released a demo of a memory corruption issue that crashes the browser and puts users at risk of PC takeover attacks.

"Firefox is susceptible to a pretty nasty, and apparently easily exploitable memory corruption vulnerability. When a location transition occurs and the structure of a document is modified from within onUnload event handler, freed memory structures are left in inconsistent state, possibly leading to a remote compromise," Zalewski warned.

Mozilla's security team is tracking the issue.

Zalewski's ongoing browser research has also uncovered a "quite nasty" flaw in Microsoft's Internet Explorer 7.

He described the IE 7 issue as a "combination-type vulnerability" that allows the attacker to:

a) Trap the visitor in a Matrix-esque tarpit webpage that cannot be left by normal means (this is a known brain-damaged design of onUnload Javascript handlers),

b) Spoof transitions between pages so that the user thinks he actually managed to leave the affected site, and so that the URL bar displays other addresses we didn't actually go to.

"This opens a plethora of spoofing/phishing scenarios," Zalewski warned. A demonstration page is available for testing purposes.

So far this month, Zalewski's demos have included focus bugs, a location.hostname issue (critical), a blank bug, a bookmark issue and today's unload and trap flaws.

Editorial standards

Related

The 16 best Cyber Monday deals under $30 still available
Amazon Fire TV Stick 4K

The 16 best Cyber Monday deals under $30 still available

Epson is going to stop selling laser printers. Here's why
piles-of-paper.jpg

Epson is going to stop selling laser printers. Here's why

Don't waste your money on these Apple products: December 2022 edition
Waiting in line for the Apple Store

Don't waste your money on these Apple products: December 2022 edition