R
REM
From the UBCD4Win forum:
http://software.silicon.com/malware/0,3800003100,39152702,00.htm
----------------------------------------------------------------------------------
"How to attack Firefox' code appears on the net
Exploits freshly patched security flaw...
Add Comment Printer Friendly Email Story
By Joris Evers
Published: Monday 26 September 2005
Computer code that could be used to attack Firefox, Mozilla Suite and
Netscape users has been released on the internet.
The release of the attack code comes days after Mozilla released an
updated version of Firefox to fix several security flaws, including
the bug exploited by the code.
A fixed version of the Mozilla Suite is also available but
Firefox-based Netscape has yet to be updated. The Netscape browser is
a product of Netscape, which is a division of Time Warner's AOL
subsidiary. An AOL spokesman had no comment on Thursday.
The attack code exploits a vulnerability that was disclosed two weeks
ago. The flaw lies in the way the browsers handle International Domain
Names, which are web addresses that use international characters.
Hackers had been working to exploit the flaw and had said the code
would be released after fixes were available.
The exploit could let attackers run code remotely on vulnerable
computers and works on Firefox, Mozilla and, in some cases, Netscape,
according to security researcher Berend-Jan Wever, who published the
code. Mozilla has urged users to upgrade to the latest versions of its
products."
----------------------------------------------------------------------------------
http://software.silicon.com/malware/0,3800003100,39152702,00.htm
----------------------------------------------------------------------------------
"How to attack Firefox' code appears on the net
Exploits freshly patched security flaw...
Add Comment Printer Friendly Email Story
By Joris Evers
Published: Monday 26 September 2005
Computer code that could be used to attack Firefox, Mozilla Suite and
Netscape users has been released on the internet.
The release of the attack code comes days after Mozilla released an
updated version of Firefox to fix several security flaws, including
the bug exploited by the code.
A fixed version of the Mozilla Suite is also available but
Firefox-based Netscape has yet to be updated. The Netscape browser is
a product of Netscape, which is a division of Time Warner's AOL
subsidiary. An AOL spokesman had no comment on Thursday.
The attack code exploits a vulnerability that was disclosed two weeks
ago. The flaw lies in the way the browsers handle International Domain
Names, which are web addresses that use international characters.
Hackers had been working to exploit the flaw and had said the code
would be released after fixes were available.
The exploit could let attackers run code remotely on vulnerable
computers and works on Firefox, Mozilla and, in some cases, Netscape,
according to security researcher Berend-Jan Wever, who published the
code. Mozilla has urged users to upgrade to the latest versions of its
products."
----------------------------------------------------------------------------------