Saturday, December 10, 2005

Mozilla Downplays Firefox 1.5 Exploit

Mozilla Downplays Firefox 1.5 Exploit: "The exploit, which was posted on the PacketStormSecurity.org Web site, targets a buffer overflow in Firefox 1.5, the newest browser release from Mozilla.

'That [code execution] claim is unsubstantiated. We've had no reports, internally or externally, that this goes beyond denial-of-service issue,' Schroepfer said in an interview with Ziff Davis Internet News.

'We've been able to reproduce a denial-of-service problem. We've looked at the source code to analyze the risk and found that it's not a very severe issue.'

'At this point, we have no confirmed evidence that this is anything more than an annoying denial-of-service attack,' he added."

No comments: