New Firefox bug not exploitable says Mozilla
Move along please, nothing to see here.
By Sumner Lemon, IDG News Service | Published: 06:15, 20 July 2009
A bug discovered in the latest version of Firefox is not exploitable according to Mozilla.
Mozilla released Firefox 3.5.1, the latest version of the browser, last week. The release fixed several recently discovered security holes in version 3.5, which came out in June. Among the security holes that were closed was a critical vulnerability that allowed an attacker to install and run code on a PC without any interaction from the victim.
Within a day, reports began to emerge of a stack-based buffer overflow vulnerability in Firefox 3.5.1 that could be used to gain access to a computer or launch a distributed denial of service attack. But after examining the reported vulnerability, Mozilla said that's not the case.
Related Articles on Techworld
"The reports by press and various security agencies have incorrectly indicated that this is an exploitable bug. Our analysis indicates that it is not, and we have seen no example of exploitability," wrote Mike Shaver, Mozilla's vice president of engineering, in a blog post.
The bug causes Firefox 3.5 and Firefox 3.5.1 to crash on a Windows PC, but does not give an attacker access to the PC, Shaver said, calling the crash "safe and immediate."
The bug can also cause Firefox 3.0 and 3.5 to crash on Apple computers.
"A crash occurs inside the ATSUI system library (part of OS X), due to what appears to be a failure to check allocation results," Shaver said, adding the same issue could affect other applications using text-handling libraries in MacOS X. "We have reported this issue to Apple, but in the event that they do not provide a fix we will look to implement mitigations in Mozilla code."
