jamesVault Posted July 17, 2009
Mozilla Firefox 3.5.1 unicode Remote Buffer Overflow
Mozilla Firefox is prone to a remote stack-based buffer-overflow vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application.
Live Proof of Concept: http://www.milw0rm.com/exploit.php?id=9158

smashguy Posted July 17, 2009
When I clicked, it crashed.

Miuku. Posted July 17, 2009
That's a negative Houston, does not work on my 3.5.1'er on OS X - perhaps this is a flaw that is only evident on certain platforms (such as the Win32 / Linux builds).

jamesVault (Author) Posted July 17, 2009
This is a new flaw, still unpatched.

Pc_Madness Posted July 17, 2009
lol, poor Mozilla. Looks like we'll be updating again tomorrow. :p

zhangm (Supervisor) Posted July 17, 2009
That's a big wall of text...

Argi Posted July 17, 2009
I opened in Opera but still triggered Kaspersky, heh. (didn't do anything though, obviously)

The_Decryptor (Veteran) Posted July 17, 2009
I think this was reported before 3.5.1 was released, but it doesn't crash here, just uses lots of memory and starts causing the system to page Firefox to disk.

ultimate99 Posted July 17, 2009
Lots of Chinese characters, but no crash.

Wanderermy Posted July 17, 2009
~ 1.5 GB of memory :blink:

+John. (Subscriber¹) Posted July 17, 2009
Causes what seems to be a massive memory leak in OS X. Very bad flaw. It's a shame, because it seemed to be such a good release.

Miuku. Posted July 17, 2009 (edited)
> ~ 1.5 GB of memory :blink:
It tries to cause an overflow but fails - either it's patched already in 3.5.1 or stack protection actually works. Possibly if you had a machine with not much RAM and out of disk/swap space, you could cause an exhaust of the client's resources but it should not crash the client even in those circumstances, only provide you with a funky out of memory error.
Edited July 17, 2009 by daPhoenix

Tiby312 Posted July 17, 2009 (edited)
For me it:
- Freezes Firefox 3.5.1
- Crashes Google Chrome 2.0 Tabs (Not the UI though)
- Freezes IE8
Edited July 17, 2009 by Tiby312

cork1958 Posted July 17, 2009
Oh no's!! Say it ain't so. Not our beloved Firefox with yet ANOTHER critical vulnerability immediately after release of an update!! No wonder this is backpage news. It happens so often in Firefox, it's expected, isn't it? :blink:

primexx Posted July 17, 2009
KIS already detects it so...

The Patri0t Posted July 17, 2009
Using 3.5.1 and it crashed. This was just an innocent proof that it exists and not actual hack. :ninja:

Miuku. Posted July 17, 2009
> Using 3.5.1 and it crashed. This was just an innocent proof that it exists and not actual hack. :ninja:
What OS and Arch?

The Patri0t Posted July 17, 2009
What's Arch? Using XP

Miuku. Posted July 17, 2009
Sorry, by Arch I mean Architecture, as in 32 bit or 64 :)

Berserk87 Posted July 17, 2009
> KIS already detects it so...
Kaspersky detected it, and denied it for me, but Firefox still ate dirt.

The Patri0t Posted July 17, 2009
> Sorry, by Arch I mean Architecture, as in 32 bit or 64 :)
32; this won't happen on 64 bit? :o and please tell me that wasn't a real hack, haha. Just a proof that the damn thing exists and can be exploited.

jasondefaoite Posted July 17, 2009
3.51 on x64 win7 RC .. Hangs for me ... uses up to 1.5GB of memory... doesn't crash ....

The_Decryptor (Veteran) Posted July 17, 2009
> 32; this won't happen on 64 bit? :o and please tell me that wasn't a real hack, haha. Just a proof that the damn thing exists and can be exploited.
I'm on 64bit and it doesn't crash (just lots of memory).
Only thing I can think of, is that 64Bit can do hardware DEP (well, so can 32bit in PAE mode, but nobody runs in that mode since it's buggy in the vast majority of cases), and Firefox is set to have DEP enabled (I think only Vista and Win7 will read that info, XP needs an extra function call to enable it, which is going to happen soon).

iamwhoiam Posted July 17, 2009
I clicked it and it showed 1 line of text. No huge memory usage, no slowdown and no crashing the browser.

well... Posted July 17, 2009
Caused Safari 4.0.2 on OS X to become unstable here :(