Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Another Denial of Service Bug Found in Firefox 2 206

Posted by samzenpus from the be-more-secure dept.
An anonymous reader writes "A second security flaw that could cause the new Firefox 2 browser to crash has been publicly disclosed. The vulnerability lies in the way the open-source browser handles JavaScript code. Viewing a rigged Web page will cause the browser to exit, a representative for Mozilla, the publisher of the software, said Wednesday. Contrary to claims on security mailing lists, the bug cannot be exploited to run arbitrary code on a PC running Firefox 2, the representative said. This flaw in the JavaScript Range object is different than the denial-of-service vulnerability in Firefox 2 that was confirmed by Mozilla last week. That bug is related to a more serious security hole, which was fixed in earlier versions of Firefox, the organization has said. The two 'crashers' are the only publicly released vulnerabilities that have been confirmed by Mozilla in the week since Firefox 2 was launched. The issues are only minor, the organization has said."
This discussion has been archived. No new comments can be posted.

Another Denial of Service Bug Found in Firefox 2 More

Another Denial of Service Bug Found in Firefox 2

Comments Filter:

  • And... (Score:2, Funny)

    by Pacifist Brawler ( 987348 ) on Thursday November 02, 2006 @03:56AM (#16685671)
    I remember reading about the memory leak. While others see this as a "failure" of the browser, I see it as increasing the odds that the browser exits and frees up your memory. I mean, how hard is it to re-open a browser?

  • Third d.o.s. attack affects ALL BROWSERS! (Score:4, Funny)

    by suv4x4 ( 956391 ) on Thursday November 02, 2006 @07:17AM (#16686543)
    Immediately stop using Internet if you're using one of those browsers:

    IE
    Firefox
    Safari
    Konqueror .. ..

    A new denial of service attack was discovered floating in the cyberspace, that can render any browser inoperable, and it has to be forcefully crashed and reopened. The signature of the exploit was reported to be:

    while(true) alert('Hahaha, suckers!');

    People are advised to immediately move to Lynx: the only browser known to be immune to this attack.

  • Issue shrinking (TM) technology (Score:3, Funny)

    by suv4x4 ( 956391 ) on Thursday November 02, 2006 @07:23AM (#16686571)
    The two "crashers" are the only publicly released vulnerabilities that have been confirmed by Mozilla in the week since Firefox 2 was launched. The issues are only minor, the organization has said...

    They also added, that the reason the issues are minor, is because Firefox 1.5x and later releases of the popular Mozilla browser feature a special "issue shrinking" technology, patent pending, where no matter what happens, the issue becomes small.

    This is opposition to Microsoft, which appears to ship all their products with "issue expanding" FUD generator technology, now considered by many specialists as obsolete, where never mind what's the trouble, it's blown out of proportions, and brings chaos and despair among geeky web users.

Slashdot Top Deals

The hardest part of climbing the ladder of success is getting through the crowd at the bottom.

Close