zero-day flaws in Firefox: about 30 unpatched Firefox flaws
http://news.com.com/2100-1002_3-6121608.html?part=rss&tag=6121608&subj=news
An attacker could commandeer a computer running the browser simply by crafting
a Web page that contains some malicious JavaScript code, Mischa Spiegelmock and
Andrew Wbeelsoi said in a presentation at the ToorCon hacker conference here.
The flaw affects Firefox on Windows, Apple Computer's Mac OS X and Linux, they
said.
The hackers claim they know of about 30 unpatched Firefox flaws. They don't
plan to disclose them, instead holding on to the bugs.
"I do hope you guys change your minds and decide to report the holes to us and
take away $500 per vulnerability instead of using them for botnets," Ruderman
said.