It appears that the folks over at Secunia have found a JavaScript flaw in Firefox. The flaw allows a script to read an arbitrary amount of information contained in the browser memory. This data could be anything from URLs to JavaScript commands. Secunia has posted a test that demonstrates the flaw. The test uses a buffer overrun technique to access the memory, similar to popular hacking methods used worldwide.

Disclaimer: Any viewpoints and opinions expressed in this article are those of Nicholas C. Zakas and do not, in any way, reflect those of my employer, my colleagues, Wrox Publishing, O'Reilly Publishing, or anyone else. I speak only for myself, not for them.

Both comments and pings are currently closed.