First Firefox 1.5.0.4 exploit code is out

Only two days was the delay when the first PoC exploit was released to new Firefox vulnerabilities.

Navigator Object PoC release is part of Mr. Moore’s Browser Fun Blog disclosure at
browserfun.blogspot.com/2006/07/mobb-28-mozilla-navigator-object.html

This vulnerability is handled at Mozilla Foundation Security Advisory (MFSA) #45, link to the advisory is mozilla.org/security/announce/2006/mfsa2006-45.html
Mozilla Foundation has assigned this issue as Critical, highest severity used by organisation.

The entry states XP SP2 and fully patched Gentoo Linux tested as affected.
UPDATE: Mac OS X (Intel and PowerPC) are affected too.

An official workaround is to disable Java if update to the fixed FF1.5.0.5 is not possible.

SeaMonkey versions before 1.0.3 are probably affected as well.

Share
  • Alpha

    wow , it’s in providence of any popular softwares that come in security area . but we are still sufficient about FireFox and other open mind products . however thanks juha .