Buffer overflow in Firefox 3.5.1 - Update
document.write() method, which then causes a buffer overflow. This may allow an attacker to run arbitrary code. If that doesn't work, the browser will probably claim a large amount of memory, freeze, or crash.
Update - According to Mike Shaver, Mozilla VP Engineering, in a posting to the Mozilla Security blog, the issue is not exploitable. Shaver says that on Windows, the overflow is caught as an exception and Firefox is safely terminated, while on the Mac, the crash occurs within an Apple library. Mozilla believes the reports are in error and disagrees with the severity rating. However, an update to the Mozilla posting adds that an actual crash on Windows has been reported in the comments.
- Mozilla confirms critical vulnerability in Firefox 3.5, a report from The H.
- Slow Firefox 3.5 start up time, a report from The H.
- First Zero Day Exploit for Firefox 3.5, a report from The H.