Mozilla Firefox 3.6.12 Remote Denial Of Service

Published: 2010-11-15. Last Updated: 2010-11-15 15:02:05 UTC
by Stephen Hall (Version: 1)
6 comment(s)

Thanks to our reader Seb for the heads up about a remote denial of service vulnerability within Firefox 3.6.12.

There are a number of sites showing the exploit code which has been developed by Italian members of the BackTrack project.

I'll not publish the code here as its easily found with your favourite search engine, but below is a screen shot showing the impact of the code on a fully patched Mac OSX 10.6.5 system.

 

Firefox Crash image 

 

Diary updated after contact with Emanuele Gentili. 

Keywords: firefox
6 comment(s)

Comments

You are obviously clueless.
That exploit is publicly available on the Exploit Database - http://www.exploit-db.com/exploits/15498/

And if you haven't heard about BackTrack...well, you shouldn't be in the security field.

anonymous

Nov 15th 2010
1 decade ago

You're jumping all over this guy, anonymously, for not knowing Backtrack IT and the Backtrack distro are associated with each other?

And to your first point about him not linking to it? Come on troll, just because the guy is morally different from you doesn't mean he's an idiot.

mubix

Nov 15th 2010
1 decade ago

Hey anonymous, ever hear of this saying?

"Better to remain silent and be thought a fool than to speak out and remove all doubt."

SW

Nov 15th 2010
1 decade ago

Can someone clarify/verify. Is this only effecting 3.6.12 or 3.6.12 and below?

Whitehat99

Nov 15th 2010
1 decade ago

The exploit DB entry says <= 3.6.12

Justin

Nov 15th 2010
1 decade ago

To throw some additional, hopefully useful, information back into the mix...

I just tested on Win 7 with 3.5.15 (included in <= 3.6.12) and 4.0 b7 and both, once I disabled NoScript, crashed.

Ben

Nov 15th 2010
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives