Zero Day Initiative’s Upcoming Advisories reported a critical vulnerability to newly released Mozilla Firefox 3.0 (ZDI-CAN-349).
According to TippingPoint’s DVLabs blog post —[…]this Firefox 3.0 vulnerability, also affects prior versions of Firefox 2.0.x, and it has been tested and reported to the Mozilla security team. While Mozilla is working on a fix, technical details are being kept secret, until a patch is available. There’s no known exploit for the bug at this time, says Mozilla.
“Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code. Not unlike most browser based vulnerabilities that we see these days, user interaction is required such as clicking on a link in email or visiting a malicious web page.”
TrackBack URI Leave a comment »