Critical vulnerability discovered in Firefox 3.5

Posted by

Firefox 3.5 Highly critical vulnerability Resolved
Secunia has discovered a vulnerability in Firefox 3.5, which allows the attacker to execute arbitrary code on the others PC.

The vulnerability is due to an error in the management of processing JavaScript code. To exploit it, attackers or any one just need HTML tags which will cause  memory corruption and opens the door to execute arbitrary code.


While we hope that Mozilla will soon release a patch to resolve this vulnerability ,until then the solution is to use Noscript addon or disable Javascript .

Another simple solution is ,type about:config in the address bar ,then press enter and set “javascript.options.jit.content” to “false.

But according to zona firefox,this bug has been found before (Jul 9),also solution already existed before anyone published the vulnerability and this vulnerability will be patched in upcoming version Firefox 3.6.

via Mashable,secunia