Comments on: Another Critical Firefox Vulnerability Emerges

By: Another Critical Firefox Vulnerability Emerges « Centralized Computer Security News.

Fri, 24 Jul 2009 03:26:30 +0000

[...] See the rest here: Another Critical Firefox Vulnerability Emerges [...]

By: Asa Dotzler

Asa Dotzler — Sun, 19 Jul 2009 23:40:38 +0000

This is not an exploitable crash.

See Mozilla’s announcement:

http://blog.mozilla.com/security/2009/07/19/milw0rm-9158-stack-overflow-crash-not-exploitable-cve-2009-2479/

By: Scoperta una nuova vulnerabilità in Firefox 3.5.1 - Commenta la tecnologia, la telefonia, i software

Sun, 19 Jul 2009 23:10:45 +0000

[...] Via | Ghacks.net [...]

By: Mike Shaver

Mike Shaver — Sun, 19 Jul 2009 22:31:14 +0000

This article is incorrect: the bug is not a critical vulnerability, and it cannot result in code execution. On some systems (Firefox 3.0 or 3.5 on Mac, and Firefox 3.0 — not 3.5! — on Windows) it can result in an unexploitable crash. See http://blog.mozilla.com/security/2009/07/19/milw0rm-9158-stack-overflow-crash-not-exploitable-cve-2009-2479/ for more details.

By: Asa Dotzler

Asa Dotzler — Sun, 19 Jul 2009 18:57:23 +0000

This is a browser out of memory crash. There is no evidence that this is exploitable while all evidence points to it not being exploitable. Pretty much all browsers crash from this but that doesn’t mean that it’s a security issue.

By: Yet another vulnerability issue arises for Firefox 3.5.1 | Geekword

Yet another vulnerability issue arises for Firefox 3.5.1 | Geekword — Sun, 19 Jul 2009 17:41:30 +0000

[...] that was aimed at resolving a Javascript vulnerability found in Firefox 3.5. Well unfortunately another vulnerability has been found in Firefox 3.5.1. The latest vulnerability appears to be a critical one. This undesirable issue can be exploited [...]