4 Apr
2005
4 Apr
'05
21:01
A new, quite fascinating vulnerability was apparently discovered today, which allows attackers to craft custom JavaScript code in order to gain access to information contained in system RAM; all current versions of Mozilla Firefox are believed to be affected: http://secunia.com/advisories/14820/ An intriguing test for this vulnerability (watch information contained in system memory echo to the screen!) appears here: http://secunia.com/mozilla_products_arbitrary_memory_exposure_test/ A temporary workaround is to disable JavaScript support, however SuSE will be releasing a patched version of Firefox presumably? -- Anthony Edwards anthony.edwards@uk.easynet.net