JavaScript Vulnerability Found In Firefox

    April 5, 2005

An advisory issued by security company Secunia warns of a new vulnerability affecting Mozilla’s Firefox browser. Secunia rates the new Firefox security issue as “moderate”.

According to Secunia’s advisory

The vulnerability is caused due to an error in the JavaScript engine, as a “lambda” replace exposes arbitrary amounts of heap memory after the end of a JavaScript string.

Successful exploitation may disclose sensitive information in memory.

In response to the newly discovered vulnerability, Secunia has developed a test in order to determine whether or not installed versions of Firefox are affected. Their advisory also reveals the security hole has been confirmed in Firefox versions 1.0.1 and 1.0.2.

Until Mozilla releases a patch, which shouldn’t be too long considering their past response time, Secunia recommends disabling Firefox’s JavaScript support.

Chris Richardson is a search engine writer and editor for WebProNews. Visit WebProNews for the latest search news.