Per Mozilla Bug Bug 503286:
A remote, unauthenticated attacker may be able to execute arbitrary code or cause Firefox to crash.
Firefox 3.5.1 has been released to address this issue. See Mozilla Foundation Security Advisory 2009-41 for more information. Until updates can be applied, the below workarounds may mitigate this issue.
|Temporal||0||E:Not Defined (ND)/RL:Not Defined (ND)/RC:Not Defined (ND)|
|Environmental||0||CDP:Not Defined (ND)/TD:Not Defined (ND)/CR:Not Defined (ND)/IR:Not Defined (ND)/AR:Not Defined (ND)|
Information from zbyte, Mozilla, and other sources was used in this report.
This document was written by Ryan Giobbi.
|Date First Published:||2009-07-14|
|Date Last Updated:||2009-07-17 12:05 UTC|