Thursday, March 26, 2009

New Firefox 0day in WinDBG


Here is a screenshot of the new FF 0day in WinDBG using the !exploitable extension. I am swamped with work right now, when I get a moment I try to post a more detailed writeup.

3 comments:

Dan Veditz said...

Anyone who wants to test the fix--or just protect yourself early--can get candidate builds from ftp://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/3.0.8-candidates/

Nelson Brito said...

Hey, David... 8-)

I've published an article about this issue, and apparently it is not as new as we think.

Check it out:
http://translate.google.com/translate?client=tmpg&hl=pt&u=http%3A%2F%2Ffnstenv.blogspot.com%2F2009%2F03%2F0-day-no-mozilla-firefox.html&langpair=pt|en

BTW, awesome Blog... I always check it for good news (sometimes not that good ;-).

Keep in touch, buddy.

@nbrito

Nelson Brito said...

David, Mozilla just released the patch addressing this vulnerability...

The awesome news is that it is not as new as we tought - remember my previous comment.

It shows that the security community is crawling the bug tracking systems to find any vulnerability previously fixed and raised from the dead-land...

How many other vulnerabilities will we see raising?

@nbrito