FireFox Singed By Potential Exploit
FireFox Singed By Potential Exploit
December 9, 2005: Just over a week ago the new version of the worlds second most popular web browser was released. However, it appears that v1.5 of Firefox already has an exploit that opens up possibility for a denial of service (DOS) attack.
According to the Internet Storm Centre, the flaw exists in the browsers history.dat file.
“If the topic of a page is crafted to be long enough, it will crash the browser each time it is started after going to such a page.” Says John Bambenek from the Internet Storm Center. “This vulnerability has been tested and does work, and no known patches are available at this time. Once this happens, FireFox will be unable to start until you erase the history.dat file manually.”
No reports of the flaw being exploited by anyone with malicious intent have surfaced as yet. A patch however, has also yet to be released to plug up the hole.
Mozilla was unavailable for comment.
What’s your experience with FireFox?
Related Article: