In association with heise online

« previous | next »
25 October 2010, 17:11

12-year old awarded $3,000 for Firefox vulnerability

Mozilla Foundation Logo The Mozilla Foundation regularly rewards security specialists for supplying information on critical vulnerabilities in its Firefox browser. Now a 12-year old has been awarded $3,000 for discovering a security vulnerability in the open source web browser.

Alexander Miller, from the USA, discovered and reported a critical bug in a JavaScript function. He found that a buffer overflow would result when very long strings where submitted to document.write, one of the most frequently used JavaScript functions. This error condition could potentially be exploited to inject and execute code. The development team has fixed this and other bugs in Firefox versions 3.6.11 and 3.5.14 and in Thunderbird 3.1.5 and 3.0.9. Alex Miller is listed in the credits as a Security Researcher.

Miller has told US media that he was spurred on by an increase in the amount paid out for bugs, from $500 to $3,000. Having already discovered and reported one bug that did not meet the requirements for a reward he says he spent 90 minutes a day for 10 days searching for a bug worthy of financial recompense.

See also:

(crve)

Add your comment

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-1124547

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Open Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung SSD 830 Series 128GB
  2. Samsung SSD 830 Series 256GB
  3. Samsung SSD 830 Series Desktop Upgrade Kit 256GB
  4. Intel Core i5-3570K
  5. Samsung Galaxy S3 i9300 16GB blau
  6. Crucial m4 SSD 128GB
  7. Gigabyte GeForce GTX 670 OC
  8. Palit GeForce GTX 670
  9. Diablo 3 (deutsch)
  10. Samsung Galaxy Nexus i9250 16GB silber

The H

The H open source

The H Security

The H Internet Toolkit