Critical JavaScript Vulnerability in Firefox 3.5
Tuesday, July 14, 2009 at 07:27PM
drStrangeP0rk in Firefox Exploits, Zero Day

There is a critical vulnerability in the JIT compiler in Firefox 3.5. An attacker who directs a user to a maliciously crafted site may be able to execute code or trigger an uncontrolled system crash. Users should be using NoScript for all web surfing in Firefox. In addition, users can disable JavaScript, run in Safe Mode, or disable JIT in the JavaScript engine.

  1. In the location bar enter about:config
  2. Filter to jit
  3. Set the value of javascript.options.jit.content to false.

 

Disabling javascript.options.jit.content will slow down performance and is a temporary measure. Once the fix is released and installed, users should set this value back to true.
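To confirm the workaround is actually in effect on more than one profile, the pref can be read back from each profile's prefs.js and user.js. This is an added example, not part of the original post; the function names and sample profile contents are constructed, and it assumes an unset pref means the default of true (JIT enabled).

```python
import re

PREF = "javascript.options.jit.content"  # pref name from the steps above

# Matches active lines of the form: user_pref("name", value);
# Commented-out lines (// user_pref(...)) do not match.
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')


def parse_prefs(text):
    """Return {name: raw_value} for each user_pref line; later lines win."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if m:
            prefs[m.group(1)] = m.group(2)
    return prefs


def jit_mitigated(prefs_js="", user_js=""):
    """True only if the effective value of the pref is false.

    user.js is applied over prefs.js at startup, so it takes precedence.
    Assumption: a missing pref means the default, true (JIT still on).
    """
    effective = parse_prefs(prefs_js)
    effective.update(parse_prefs(user_js))
    return effective.get(PREF, "true") == "false"


def audit(profiles):
    """profiles: {name: (prefs_js_text, user_js_text)} -> names not mitigated."""
    return sorted(n for n, (p, u) in profiles.items() if not jit_mitigated(p, u))


# Constructed sample profiles (file contents inlined so this runs offline).
SAMPLE = {
    "alice": ('user_pref("javascript.options.jit.content", false);\n', ""),
    "bob": ('user_pref("browser.startup.page", 0);\n', ""),
    "carol": ('user_pref("javascript.options.jit.content", false);\n',
              'user_pref("javascript.options.jit.content", true);\n'),
    "dave": ('// user_pref("javascript.options.jit.content", false);\n', ""),
}

if __name__ == "__main__":
    for name in audit(SAMPLE):
        print(f"{name}: {PREF} is not false, JIT workaround not applied")
```

The carol case shows why user.js has to be checked as well: a leftover override there re-enables JIT on every start even after the value was changed in about:config.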

Update on Sunday, July 19, 2009 at 09:21PM by drStrangeP0rk

The Mozilla Security Blog reports that the crash is not exploitable in version 3.5.1. The crash is reported to occur in the ATSUI (Apple Type Services for Unicode Imaging) system library, as the result of a failure to check allocation results.

http://blog.mozilla.com/security/2009/07/19/milw0rm-9158-stack-overflow-crash-not-exploitable-cve-2009-2479/

Article originally appeared on magmatic.com (http://www.magmatic.com/).
See website for complete article licensing information.