joltcola
04-07-05, 05:57 PM
Firefox versions 1.0.1 and 1.0.2 contain the vulnerability, the security information company said in an advisory on Monday. The flaw stems from an error in the JavaScript engine that can expose arbitrary amounts of heap memory after the end of a JavaScript string. As a result, an exploit may disclose sensitive information in the memory, Secunia said.
Pulled this off osnn.net
Direct link to the article (http://www.osnn.net/comments.php?shownews=11937)
I've read that in the test build 1.0.3, that perticular security issue has already been patched. Haven't tested this myself. You can find the latest build here: mozilla's ftp (http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-aviary1.0.1/)
edit:update: I've updated to 1.0.3 and tried out the test that the security company that released this news has setup to see if your vulnrable (not sure how valid this test is, but whatever). It doesn't seem to drop data like it did before.
-- jolt
Pulled this off osnn.net
Direct link to the article (http://www.osnn.net/comments.php?shownews=11937)
I've read that in the test build 1.0.3, that perticular security issue has already been patched. Haven't tested this myself. You can find the latest build here: mozilla's ftp (http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-aviary1.0.1/)
edit:update: I've updated to 1.0.3 and tried out the test that the security company that released this news has setup to see if your vulnrable (not sure how valid this test is, but whatever). It doesn't seem to drop data like it did before.
-- jolt