The exploit portal Milw0rm has published an exploit for Firefox 3.5. The exploit demonstrates a security vulnerability by starting the Windows calculator. In testing by heise Security, the exploit crashed Firefox under Vista, but security service providers Secunia and VUPEN confirmed that attackers using prepared websites can infect PCs. The cause of the problem is a buffer overflow when processing specially prepared Font tags.
- Mozilla Firefox Memory Corruption Vulnerability, a report from Secunia.
- Mozilla Firefox Elements Handling Memory Corruption Vulnerability, a report from VUPEN.