tags 364810 security thanks * Daniel Leidert ([EMAIL PROTECTED]) wrote: > Package: firefox > Version: 1.5.dfsg+1.5.0.2-3 > Severity: grave > > The following advisory was published recently: > http://www.securident.com/vuln/ff.txt > > [..] > Result: > Firefox Remote Code Execution and Denial of Service - Vendor contacted, > no patch yet. > Problem: > A handling issue exists in how Firefox handles certain Javascript in > js320.dll and xpcom_core.dll > regarding iframe.contentWindow.focus(). By manipulating this feature > a buffer overflow will occur. > [..] > > I initally set this report to grave.
Does this have a CVE # yet? -- Eric Dorland <[EMAIL PROTECTED]> ICQ: #61138586, Jabber: [EMAIL PROTECTED] 1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6 -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ G e h! r- y+ ------END GEEK CODE BLOCK------
signature.asc
Description: Digital signature
