New FireFox Vulnerability: Remote Buffer Overflow

[ page last updated: Sep. 24, 2005. ]

Both FrSIRT and CNET are reporting a recently discovered security vulnerability affecting all versions of Firefox, including the recently released Firefox 1.5 Beta.

According to FrSIRT, “A vulnerability has been identified in Mozilla Firefox and Mozilla Suite, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to a buffer overflow error in the “NormalizeIDN” function when handling malformed URLs containing “0xAD” characters embedded in HTML tags (e.g. “A HREF”), which could be exploited by remote attackers to take complete control of an affected system via specially crafted Web pages”.

Apparently Netscape 8.0 is also affected by a similar issue.

CNET is claiming that security researcher Tom Ferris mentioned the problem to the Mozilla Foundation as early as Sunday, then decided to publicly disclose the flaw. Mozilla responded by stating that the bug is still under investigation and that “users are currently not at risk because there are no known attacks that take advantage of the flaw”.

The Solution / Temporary Fix: (according to FrSIRT)

Disable IDN support by entering “about:config” in the location bar, and then setting “network.enableIDN” to “false”.

Update: BetaNews is reporting [September 12, 2005, 12:09 PM] that: “Mozilla developers acted fast to patch a new security vulnerability in Firefox, which slipped its way into the first beta build of Firefox 1.5 and exists in earlier versions as well. However, the patch simply disables the buggy feature while a permenant fix is worked out”. Still useful for all those not comfortable with the fix provided above.

Update: Mozilla Firefox 1.0.7 was released [September 21, 2005, 12:09 PM] which addresses several recent security issues, including the one described above. For more info you can visit Mozillazine.

Comments 5

  1. jeremi wrote:

    Excuse me, i could not found your email.
    There is a problem on your rss feed, he is not valid.

    Posted 13 Sep 2005 at 3:11 pm
  2. admin wrote:

    hi jeremy,
    thanks for the heads up.
    that “wp-rss2.php” feed URL is an old one.
    that should work.

    Posted 13 Sep 2005 at 5:18 pm
  3. Andjjargirlls wrote:

    RobertJuly 16, 2012 – 8:03 As a counselor I help many ppoele with sexual addictions. For those that know about them, the incognito and private browsing options allow them to go to websites they struggle staying away from without getting caught. Aside from accountability programs, that are easily hackable, there hasn’t been many options to help them stay clean.I downloaded your file myself to ensure it works, and to remove any temptations I may have, and will be recommending it to all my clients. It was fast and works great! All the mentioned options are gone. Thanks for your work.

    Posted 30 May 2015 at 4:57 am
  4. monacolife wrote:

    great post

    Posted 22 Aug 2017 at 3:10 pm
  5. kapustakill wrote:

    Information helped me a lot

    Posted 22 Aug 2017 at 3:41 pm

Post a Comment

Your email is never published nor shared. Required fields are marked *