Article

Mozilla warns of critical Firefox JavaScript vulnerability

SearchSecurity.com Staff

Mozilla warned Tuesday that a critical flaw in its new Firefox 3.5 browser could be used to execute malicious code.

The vulnerability is in Firefox 3.5's Just-in-time (JIT) JavaScript compiler, Mozilla reported on its security blog.

    Requires Free Membership to View

The flaw, which was disclosed Monday, can be exploited by an attacker who dupes a user into viewing a webpage with the malicious code, according to Mozilla.

Danish vulnerability clearinghouse Secunia rated the vulnerability highly critical in its security advisory.

Mozilla is working on a fix for the flaw, but said it can be mitigated by disabling JIT in the JavaScript engine and provided instructions in its blog post. "Note that disabling the JIT will result in decreased JavaScript performance and is only recommended as a temporary security measure," the organization noted.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: