Earler today, I posted about the AIM “talk virus”. The Firefox web browser has a fairly crippling vulnerability that was discovered recently. If a web page has a long title, the browsers history.dat file can be corrupted, thus making the browser un startable. Mozilla stated recently that it is working on a patch, and it advised users to be careful in their web surfing habits. There has been a proof of concept that has been posted on the internet. The link to the PoC is at the bottom of the article. If you go to it, you will not be able to start Firefox again unless you delete the history.dat file from your profile. This is generally in C:\Documents and Settings\Username\Application Data\Mozilla\Firefox\Profiles\
Proof of Concept: Do not click this unless you intend to disable your browser. Ok. If you do, it’s not my fault.
0 Responses to “‘Nother vulnerability”