Packetstorm in a teacup; Firefox still secure

Filed under
Moz/FF
Security

The first exploit for Mozilla Firefox 1.5 was discovered by Packetstorm last week. However initial reports that Packetstorm's hack could completely disable Firefox seem grossly exaggerated.

Packetstorm's proof of concept exploit for Firefox involves writing really long topics to Firefox's cache (2.5 million characters in Packetstorm's example). When the browser tries to load, it starts to take strain while reading the cache file.

But despite initial claims by Packetstorm that Firefox would not start, this hack only slows the loading of Firefox -- possibly up to a few minutes.

Full Story.