Firefox 3.6.12 fixes critical security bug

Posted on Thursday, October 28 2010 @ 14:14 CEST by Thomas De Maesschalck
Mozilla published Firefox 3.6.12, a new update that plugs a critical security vulnerability.
Firefox 3.6.12 fixes a critical security issue that could potentially allow remote code execution.

Heap buffer overflow mixing document.write and DOM insertion
Morten Kråkvik of Telenor SOC reported an exploit targeting particular versions of Firefox 3.6 on Windows XP that Telenor found while investigating an intrusion attempt on a customer network. The underlying vulnerability, however, was present on both the Firefox 3.5 and Firefox 3.6 development branches and affected all supported platforms.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.


Loading Comments

Share this story!

Latest news

Latest reviews