Firefox Zero-Day Code Execution Hoax? - Past News

Past News - CIOInsight

CIOInsight.com

Subscribe

Firefox Zero-Day Code Execution Hoax?

Past News

Firefox Zero-Day Code Execution Hoax?

By Ryan Naraine
2006-10-03

Article Views: 1888
Article Rating:

/ 0

Rate This Article:

Add This Article To:

Digg this

Del.icio.us

Slashdot

Print

Furl

Google

Simpy

PDF Version

A public claim by hackers that Mozilla's Firefox browser is vulnerable to multiple code execution vulnerabilities may be a joke gone awry.

A public claim by hackers that Mozilla's Firefox browser is vulnerable to multiple code execution vulnerabilities may be an overblown hoax.

On the heels of a ToorCon presentation where two security researchers—Mischa Spiegelmock and Andrew Wbeelsoi—warned that Firefox's implementation of JavaScript was badly flawed and could allow PC takeover attacks, Mozilla's engineers say the risk is limited to a denial-of-service issue.

Spiegelmock, a developer at Six Apart, a blog software company in San Francisco, now says the ToorCon talk was meant "to be humorous" and insists the code presented at the conference cannot result in code execution.

Spiegelmock's strange about-face comes as Mozilla's security response team is racing to piece together information from the ToorCon talk to figure out how to fix the issue.

Mozilla security chief Window Snyder, who was an attendee at the conference, said the company is treating the claims as real until it can be verified otherwise but, as of Oct. 2, the open-source group could only reproduce a denial-of-service issue that caused a browser crash.

"In some cases this causes a crash based on an out-of-memory error. Based on the information we have at this time we have not been able to confirm whether an attacker can achieve code execution. We're still investigating," Snyder said.

Read the full story on eWEEK.com: Firefox Zero-Day Code Execution Hoax?

	Discuss Firefox Zero-Day Code Execution Hoax?

	>>> Be the FIRST to comment on this article!



	>>> More Past News Articles >>> More By Ryan Naraine

Email Article To Friend ♦ Print Version Of Article ♦ PDF Version Of Article

FEATURED SPONSORED MESSAGE

Microsoft Windows Server 2008 R2

Building on the award-winning foundation of Windows Server 2008, R2 enables IT professionals to increase the reliability and flexibility of their server infrastructures.

Access a trove of Microsoft resources, analyst white papers, and multimedia presentations on Windows Server 2008 R2.

Click Here for More!

Brought to You By

FEATURED SPONSORED CONTENT

Improve Communication and Collaboration

Enable employees to more effectively collaborate and compete in a tough economy. Make communications and collaboration efficient, more secure, less expensive, and easier to manage.

A Unified Communications deployment can help reign in the costs and the chaos by combining voice, data, fax, conferencing, and presence awareness into a single, versatile system.

Learn More

Brought to You By

BIZTECH 3.0

By Brian P. Watson

CIOs and the Consumerization of IT

New advice on how CIOs should bring consumer-focused technologies into the enterprise.

CIO STRATEGY

The Perfect IT Book for the Business?

Parkinson needs a book that explains IT to the business. Got any suggestions?

Google CIO on IT's Role in Corporate Culture

RECENT NEWS

Loving, Hating IT Vendors

Health Panel Seeks Easing of IT Rules

Grandma and the Aliens

RECENT NEWS ITEMS

KNOW IT ALL

By Tony Kontzer

Internet Addiction: A Mental Illness?

A leading psychiatric group doesn't think so. But maybe it should.


	Employee Web Use and Misuse: Companies, Their Employees and the Internet Bringing Windows Server Virtualization to Your Production Environment Boosting Sales Performance during Tough Times See All White Papers >

EDITORS' PICKS

7 Growing IT Trends for 2010

UniGroup CIO on Enabling the Business

The Big "Ifs" of IT Leadership

10 Principles for Balancing Work, Life

8 Ways to Advance Your Career

	LATEST STORIES
	- IT's Top 10 Business Priorities for 2010 - Top 10 Tech Priorities for 2010 - Cloud Computing: Analyzing Business Expectat... - Analyics at Work: Utilizing Analysts - Back to IT`s Future

FEEDBACK

Send your thoughts about CIO Insight, its Web site, and any individual articles to editors@cioinsight-ziffdavisenterprise.com

	Ziff Davis Enterprise RSS Feeds
	Get CIO Insight news delivered to your desktop with RSS.


		Get Free BlackBerry® Enterprise Server Express Cost-Saving, efficient VoIP solutions provided by CIMCO Servers that cut energy costs by 95%? Cool. Save time & money with Microsoft's cloud services. Simplicity is Power. Start simplifying with Citrix. Register for WES 2010 by March 26 and save $200. One number. One voicemail. Sprint Mobile Integration. CDW Healthcare offers the IT solutions you need. FREE Sophos Encryption Tool: Encrypt, compress and share files easily.

CIO Insight:	Issue Index \| Contact Us \| About \| Advertise \| Magazine Customer Service \| Site Map
Quick Links:	Enterprise Mobility Zone \| Management Case Studies \| Loyalty Programs \| Term Sheet \| Strategy Maps \| Organizational Behavior \| Net Present Value Calculator \| Link to Us
	Security: Network Security Entprise Networking Infrastructure Security How To: Data IT Security News Cheap Hack Blog Security Watch Blog Storage: Storage Cloud Storage Storage Virtualization Network Access Storage Storage Reviews Data Storage News How To: Storage Storage Station Blog Computing: Apple OSX Linux Systems Windows Vista Managed Print Services Cloud Computing PC Reviews Microsoft Watch Blog Apple Watch Blog Google Watch Blog Communications: VoIP Solutions Wireless Technology Messaging Software Web Services Mobile Applications Wireless News Mobile Reviews Apps & Development: Application Development SAAS Search Engines Database Software Web 2.0 IT Project Management Emerging Tech Blog CIO Insight Blogs CIOs
	Vertical Markets: Federal Government IT Health Care IT Finance IT Mid-Market Channel Partners Careers Blog Value Added Resellers More eWeek Links: Green Computing Tech Knowledge Center Tech Newsletters Tech RSS Feeds White Papers Tech Podcasts Tech Videos Magazine Subscriptions Enterprise Websites: ZDE Home eWeek Baseline Channel Insider CIO Insight eSeminars eWeek Mid-Market Publish Online Web Buyers Guide Developer Websites: Dev Shed DeveloperShed ASP Free MS DevSource SEO Chat Codewalkers Tutorialized Scripts.com Dev Mechanic Dev Articles Web Hosters Dev Hardware Technology Websites: Device Forge Desktop Linux Linux Devices Windows for Devices TechDirect iGrep Search Engine PDF Zone Linux Watch
	Use of this site is governed by our Terms of Use and Privacy Policy Copyright ©1996-2010 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited. eWeek is your best source for the latest Technology News. ZDE Cluster 10 hosted by Hostway.