zero-day flaws in Firefox: about 30 unpatched Firefox flaws

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: zero-day flaws in Firefox: about 30 unpatched Firefox flaws
From: ragan@xxxxxxxxx
Date: 1 Oct 2006 09:55:10 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

http://news.com.com/2100-1002_3-6121608.html?part=rss&tag=6121608&subj=news

An attacker could commandeer a computer running the browser simply by crafting 
a Web page that contains some malicious JavaScript code, Mischa Spiegelmock and 
Andrew Wbeelsoi said in a presentation at the ToorCon hacker conference here. 
The flaw affects Firefox on Windows, Apple Computer's Mac OS X and Linux, they 
said.

The hackers claim they know of about 30 unpatched Firefox flaws. They don't 
plan to disclose them, instead holding on to the bugs.

"I do hope you guys change your minds and decide to report the holes to us and 
take away $500 per vulnerability instead of using them for botnets," Ruderman 
said.

Follow-Ups:
- Re: zero-day flaws in Firefox: about 30 unpatched Firefox flaws
  - From: Mailinglists Address

Prev by Date: [OpenPKG-SA-2006.022] OpenPKG Security Advisory (openssh)
Next by Date: IBM Informix Dynamic Server V10.0 File Clobbering during Install
Previous by thread: [OpenPKG-SA-2006.022] OpenPKG Security Advisory (openssh)
Next by thread: Re: zero-day flaws in Firefox: about 30 unpatched Firefox flaws
Index(es):
- Date
- Thread