The second update to the latest iteration of Mozilla’s open source browser is now available for download. And although Firefox 3.6.3 could have in fact been the refresh that brought Firefox Codenamed Lorentz to users, fact is that the latest release is nothing more than a security update. With Firefox 3.6.3, Mozilla rushed to patch a Critical zero-day vulnerability for which a working attack was demonstrated at CanSecWest 2010’s Pwn2Own hack contest.
“A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint's Zero Day Initiative. By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object,” Mozilla noted.
“A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint's Zero Day Initiative. By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object,” Mozilla noted.
Select any-one mirror for download
Mirror - 1 Megaupload
Mirror - 2 Mediafire
Password:: www.full-rip-games.blogspot.com
No comments:
Post a Comment