Four days ago we talked about a critical Java script vulnerability in Firefox 3.5, which allows the attacker to execute arbitrary code on victim’s PC. Later on July 17th , Mozilla team fixed this issue by releasing Firefox 3.5.1.
Now SecurityFocus disclosed another Critical vulnerability found in Firefox.
According to SecurityFocus
“The vulnerability is a remote stack-based buffer-overflow, triggered by sending an overly long string of Unicode data to the document.write method. If exploited, the resulting overflow could lead to code execution, or if the exploit attempts fail, a denial-of-service scenario.”