wraggster
July 16th, 2009, 22:18
Mozilla has confirmed the first security vulnerability in Firefox 3.5, saying that the bug could be used to hijack a machine running the company's newest browser. A noted Firefox contributor called the situation 'self-inflicted' and said it was likely that the hacker who posted public exploit code Monday became aware of the flaw by rooting through Bugzilla, Mozilla's bug- and change-tracking database. The vulnerability is in the TraceMonkey JavaScript engine that debuted with Firefox 3.5, said Mozilla. '[It] can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code,' Mozilla's security blog reported Tuesday
http://tech.slashdot.org/story/09/07/16/1346243/Firefox-35s-First-Vulnerability-Self-Inflicted
http://tech.slashdot.org/story/09/07/16/1346243/Firefox-35s-First-Vulnerability-Self-Inflicted