TITLE:
Firefox "focus()" Memory Corruption Weakness
SECUNIA ADVISORY ID:
SA19802
RELEASE DATE:
2006-04-25
VERIFY ADVISORY:
http://secunia.c
om/advisories/19802/
CRITICAL:
Not critical
WHERE:
From remote
IMPACT:
DoS
SOFTWARE:
Mozilla Firefox 1.x
DESCRIPTION:
A weakness has been discovered in Firefox, which can be
exploited by
malicious people to cause a DoS (Denial of Service).
The weakness is caused due to an error in the handling of
unexpected
"focus()" JavaScript calls. This can be
exploited to corrupt the memory
and cause a crash by calling the "focus()"
method on a container with
specially crafted content.
The weakness has been confirmed in version 1.5.0.2. Other
versions may
also be affected.
SOLUTION:
Disable JavaScript when visiting untrusted web sites.
REPORTED BY CREDITS:
splices, spiffomatic64, and Securident Technologies.
ORIGINAL ADVISORY:
http://www.secu
rident.com/vuln/ff.txt
--
Love is baking a cake at 4:30 am, on a Monday
============= PCWorks Mailing List =================
Don't see your post? Check our posting guidelines &
make sure you've followed proper posting procedures,
http://pcworkers.com/r
ules.htm
Contact list owner <owner-pcworks imagicomm.com>
Unsubscribing and other changes: http://pcworkers.com
=====================================================
|