Greeting's

A new vulnerability has been discovered in Mozilla FireFox V 1.x which can be used remotely to gain access to potentianlly sensitive information.

Original Advisory : https://bugzilla.mozilla.org/show_bug.cgi?id=288688

Other reference advisory : http://secunia.com/advisories/14820/

A proof of concept is found here : http://secunia.com/mozilla_products_...exposure_test/

Above link can be used to test if your system is vulnerable to the exploit. Each time you click on the link 10 Kb of memory will read from your system. BUT NOTE I TRIED IT MORE THEN 6 TIMES AND MY BROWSER CRASHED.

Currently no patch is released but this vulnerability can be fixed by DISABLING JAVA SUPPORT.


Other Reference : http://cubic.xfo.org.ru/index.cgi?read=53004

This exploit is classified as : "Moderately critical".