MAAS History
Archives
« Adobe Warns of PDF "/Launch" Attack | Main | Apple Releases a Security and Update Bonanza »
Friday
Apr022010

Firefox 3.6.3 Fixes Object Scope Confusion

DateFriday, April 2, 2010 at 08:30AM

Mozilla Foundation has released an update to Firefox which addresses a retain and scope issues related to objects. Nils from MWR InfoSecuirty was able to use this during the 2010 Pwn2Own contest to defeat Firefox. A moved node incorrectly retained its old scope, thus an attacker could trigger garbage collection Firefox would still be able to use the freed object. Users should update to this version of Firefox.

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , , ,

PrintView Printer Friendly Version

EmailEmail Article to Friend

References (1)

References allow you to track sources for this article, as well as articles that were written in response to this article.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.
Member Account Required
You must have a member account on this website in order to post comments. Log in to your account to enable posting.