Tom Ferris has identified a vulnerability that allows an attacker to remotely execute code on a system. It affects all versions of Mozilla Firefox up to 1.0.6 and the beta version Firefox 1.5.


Mozilla Firefox is susceptible to a buffer overflow attack that is deemed highly critical.

Security expert Tom Ferris has identified a vulnerability in Firefox that allows an attacker to remotely execute code on a system through a buffer overflow attack.

The vulnerability affects all versions of Mozilla Firefox up to 1.0.6 as well as the beta version Firefox 1.5.

Demonstrating the vulnerability, security expert Tom Ferris offered a link to a page where a specially crafted URL will cause the browser to freeze and eventually crash, closing all browser windows. Microsoft Internet Explorer is unaffected by the flaw.

Mozilla has published a patch that protects the browser against sites seeking to exploit the flaw and has posted instructions for a manual workaround.
