Hi Malware Fighters,
Researcher Michal Zalewski has uncovered more crash bugs in the Firefox browser. They affect the current version 1.5.0.6. Zalewski has released proof-of-concept attacks. See here:
http://lcamtuf.coredump.cx/ffoxdie.html (Click at your own risk with JavaScript enabled to crash your browser)
The vulnerability results in memory corruption. The cause is a race condition that causes mismanagement of memory, such as freeing the same area twice.
Definition of a race condition:
Irregular behavior of a program due to unexpected critical dependence on the relative timing of events. For example, two different processes may be simultaneously reading from and writing to the same file, resulting in data read not being up-to-date.
When JavaScript timers or other browser events interrupt browser components while they are running, freed memory structures are potentially left in an unexpected state.
Such attacks can often lead to arbitrary code execution, but there is no proof that this one can.
Due to heavy code re-use in the Mozilla family, it's possible that products other than Firefox are vulnerable.
So with NoScript on, not a lot can go wrong.
I have also found that XPCOM_CORE.DLL, NSPR4.DLL, PLCH.DLL & PLDS4.DLL of the components file have errors on opening through JAR50.DLL, at least as found by Dependency Walker. If you have one wrong plug-in installed, it can also crash this browser; to my knowledge Flock is less sensitive here.
polonus
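Added illustration (not polonus's code, not Mozilla code, and not the actual bug Zalewski found): a small C model of the failure mode the post describes, where a component borrows a pointer to an object, a script event handler (think of a timer callback) runs in the middle of its work and drops the tree's reference, and the component then uses and releases memory that is already gone. The Widget/Document types, the AddRef/Release style refcounting and the "freed" flag are hypothetical stand-ins; in real code the freed flag would be an actual free() and the faults would be silent corruption rather than counted. The hardened variant holds its own reference across the callout and re-checks the state afterwards, which is the usual fix for this class of re-entrancy bug.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical refcounted object standing in for a browser component's
 * data structure (AddRef/Release in the style of XPCOM; not Mozilla code). */
typedef struct Widget {
    int refcnt;
    int freed;          /* instrumentation: set instead of calling free() */
    char label[32];
} Widget;

typedef struct Document {
    Widget *child;      /* the tree owns one reference to child */
} Document;

/* Fault counters: in real code these events are silent memory corruption. */
static int uaf_count = 0;
static int double_free_count = 0;

static Widget *widget_new(const char *label) {
    Widget *w = calloc(1, sizeof *w);
    if (!w) abort();
    w->refcnt = 1;
    snprintf(w->label, sizeof w->label, "%s", label);
    return w;
}

static void widget_addref(Widget *w) { w->refcnt++; }

/* Release: frees the object when the last reference goes away. The model
 * marks it freed (and keeps the memory) so that later misuse is detectable. */
static void widget_release(Widget *w) {
    if (w->freed) { double_free_count++; return; }   /* freeing twice */
    if (--w->refcnt == 0) w->freed = 1;              /* real code: free(w) */
}

/* Some work the component does on the object after the callout. */
static void widget_touch(Widget *w) {
    if (w->freed) { uaf_count++; return; }           /* use after free */
    strncat(w->label, "*", sizeof w->label - strlen(w->label) - 1);
}

typedef void (*event_cb)(Document *doc);

/* A script event handler (think: setTimeout callback) that runs while the
 * component is in the middle of its work and detaches the node. */
static void script_remove_child(Document *doc) {
    if (doc->child) {
        widget_release(doc->child);   /* the tree drops its reference */
        doc->child = NULL;
    }
}

/* The same event firing without touching the tree: no race, no fault. */
static void script_noop(Document *doc) { (void)doc; }

/* Vulnerable: borrows a raw pointer across a re-entrant callout. */
static void replace_child_unsafe(Document *doc, event_cb on_event) {
    Widget *old = doc->child;          /* borrowed, no AddRef */
    on_event(doc);                     /* script runs and may free old */
    widget_touch(old);                 /* use-after-free if it did */
    widget_release(old);               /* double free: tree's ref already gone */
    doc->child = widget_new("replacement");
}

/* Hardened: hold a strong reference across the callout and re-validate. */
static void replace_child_safe(Document *doc, event_cb on_event) {
    Widget *old = doc->child;
    widget_addref(old);                /* our own reference keeps old alive */
    on_event(doc);
    widget_touch(old);                 /* always valid: we hold a reference */
    if (doc->child == old) {           /* did the callout change the tree? */
        widget_release(old);           /* no: drop the tree's reference */
        doc->child = widget_new("replacement");
    }
    widget_release(old);               /* drop ours: frees exactly once */
}

/* Runs one scenario and returns the number of memory faults detected. */
int run_scenario(int hardened, int script_detaches) {
    uaf_count = double_free_count = 0;
    Document doc = { widget_new("original") };
    Widget *old = doc.child;
    event_cb cb = script_detaches ? script_remove_child : script_noop;
    if (hardened) replace_child_safe(&doc, cb);
    else          replace_child_unsafe(&doc, cb);
    int faults = uaf_count + double_free_count;
    printf("%s, script %s: uaf=%d double_free=%d child=%s\n",
           hardened ? "safe  " : "unsafe", script_detaches ? "detaches" : "idle    ",
           uaf_count, double_free_count, doc.child ? doc.child->label : "(none)");
    free(old);                         /* reclaim the model's memory for real */
    free(doc.child);
    return faults;
}

int main(void) {
    for (int hardened = 0; hardened < 2; hardened++)
        for (int detaches = 0; detaches < 2; detaches++)
            run_scenario(hardened, detaches);
    return 0;
}
```

Only the combination "unsafe component, script detaches during the callout" produces faults (one use-after-free and one double free); the same unsafe code is fine when the timer does not fire at the wrong moment, which is what makes this a timing-dependent race rather than a bug that shows up on every run. Blocking script with NoScript removes the attacker's ability to schedule the callout at all.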