"The vulnerability is caused due to an error in the JavaScript engine, as a 'lambda' replace exposes arbitrary amounts of heap memory after the end of a JavaScript string," said the Secunia advisory.More information at TechNewsWorld
The vulnerability has been confirmed in versions 1.0.1 and 1.0.2. Other versions may also be affected.
Firefox Javascript vulnerability can leak sensitive information
Posted on Tuesday, April 05 2005 @ 18:19 CEST by Thomas De Maesschalck
Security firm Secunia discovered a new Javascript vulnerability in Firefox that can by abused by malicious people to gain sensitive information.