“Mozilla has been able to reproduce a DoS issue based on the information, according to a new post on the Mozilla Developer Center. So far, they have yet to determine whether code execution is a possibility, but say they are “still investigating” and promise updates as necessary. Nevertheless, it’s beginning to look as though this was largely a prank.Mischa Spiegelmock has now said that the talk “was to be humorous,” and that the presentation covered a “previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution.” In other words, they didn’t discover a new flaw.”
Here is some more Tech News from around the web:
- McAfee advertises Windows woes @ The Inquirer
- Changes in [H] Consumer
- AMD to postpone DDR3 adoption, first quad-core K8L resident Socket AM2+ @ DigiTimes
- Q&A with Ashwin Navin, co-founder and president of BitTorrent @ DigiTimes
- Motorola V3i review @ DH
- True OS Mobility: A Fact or a Myth @ CoolTechZone
- Windows Taskbar vs. OS X Dock Comparison @ OSWeekly
- Windows Vista: It’s More Secure, We Promise @ OSWeekly
- Linux Gaming Made Easy @ MadPenguin
- CoolerMaster & OCIA.net October Virtual Pumpkin Carving Contest
- Fall IDF wrap: Intel eyes highly parallel processing @ The Tech Report
- Samsung Trace Review @ Digital Trends
- Extreme Guide to LightScribe Labeling @ ExtremeMHz
- GP-GPU, ATI, AMD, and Changing the Computing Landscape Forever @ PenStar Systems
- PNY PR Horrors @ Techgage
- ATI’s Stream Computing coverage @ DH
So much for Firefox beinga “complete mess”
It seems that the reports of Firefox’s vulnerability have been greatly exaggerated. The javascript vulnerability is an old flaw, that is well known, and nobody as yet has managed to use it to successfully run code. Ars Technica has more on information on the story.