OK, it has just been too quiet on here today for new security news, so I thought I should shake things up!

I just received a Beta exploit for the Firefox vulnerability annouced here back on Feb. 1st. The exploit is for the Metasploit framework and is not yet published on their site. This is straight from the exploit code:

This module exploits a code execution vulnerability in the Mozilla Firefox browser. To reliably exploit this vulnerability, we need to fill almost a gigabyte of memory with our nop sled and payload. This module has been tested on Gentoo Linux with the stock mozilla-firefox package.
It's patching time!

BTW - I did notice that the SANS ISC is aware of this.


******* EDIT *******
D'oh! I just noticed how I spelled Firefox on the title of the thread. Sorry.