Home
Latest images
Search
Register
Log inFirefox 3.5 exploit ?
Page 1 of 1
Firefox 3.5 exploit ?
andry Mon Dec 06, 2010 12:42 am
So Firefox 3.5 is available and it has quickly become a hot download item, with almost 24 million downloads worldwide so far. The browser itself is touted as faster, safer and just better — but that's no reason not to be cautious.
One of our Vulnerability Analysts turned up this video the other day. The video title says "Firefox Exploit" but so far in our analysis, it looks like the exploits aren't really targeting Firefox.
The attack itself is rather comprehensive — there are at least 3 exploits being tried and their execution is a little involved. The exploits target vulnerable Adobe Flash players (CVE-2007-0071) and Microsoft ActiveX Controls (CVE-2008-0015). The last exploit has been making the rounds in the wild recently.
Still, the vector being used is the tried and true route of a vulnerable web application. So it's basically the same old hole in a brand new dress. Updating the browser — good. Not updating web apps at the same time — not so good. Just as a precaution, don't forget to update all your plugins, apps and so on when you update your browser!
Having said that, our Exploit team is currently digging deeper into certain features of the exploits. We'll add updates if and when any more interesting features turn up.
Source
One of our Vulnerability Analysts turned up this video the other day. The video title says "Firefox Exploit" but so far in our analysis, it looks like the exploits aren't really targeting Firefox.
The attack itself is rather comprehensive — there are at least 3 exploits being tried and their execution is a little involved. The exploits target vulnerable Adobe Flash players (CVE-2007-0071) and Microsoft ActiveX Controls (CVE-2008-0015). The last exploit has been making the rounds in the wild recently.
Still, the vector being used is the tried and true route of a vulnerable web application. So it's basically the same old hole in a brand new dress. Updating the browser — good. Not updating web apps at the same time — not so good. Just as a precaution, don't forget to update all your plugins, apps and so on when you update your browser!
Having said that, our Exploit team is currently digging deeper into certain features of the exploits. We'll add updates if and when any more interesting features turn up.
Source
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics» Firefox Denial of Service (KEYGEN) Exploit
» Firefox Denial of Service (KEYGEN) Exploit
» Firefox DoS
» Firefox and Malware
» Firefox – SEO Programmers Heaven
» Firefox Denial of Service (KEYGEN) Exploit
» Firefox DoS
» Firefox and Malware
» Firefox – SEO Programmers Heaven
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|