New
#1
Attack code for Firefox zero-day goes wild,..........
Source -A Russian security researcher on Thursday said he has released attack code that exploits a critical vulnerability in the latest version of Mozilla's Firefox browser.
The exploit - which allows attackers to remotely execute malicious code on end user PCs - triggers a heap corruption vulnerability in the popular open-source browser, said Evgeny Legerov, founder of Moscow-based Intevydis. He recently added it as a module to Vulndisco, an add-on to the Immunity Canvas automated exploitation system sold to security professionals.
"We've played a lot with it in our labs - it was very reliable," Legerov wrote in an email to The Reg. "Works against the default install of Firefox 3.6. We've tested it on XP and Vista."
Attack code for Firefox zero-day goes wild, says researcher ? The Register