Saturday, April 19, 2014
Search
  
Wednesday, October 04, 2006
 Mozilla researchers duped by hacker's 'humorous' exploit
You are sending an email that contains the article
and a private message for your recipient(s).
Your Name:
Your e-mail: * Required!
Recipient (e-mail): *
Subject: *
Introductory Message:
HTML/Text
(Photo: Yes/No)
(At the moment, only Text is allowed...)
 
Message Text: One of the hackers who demonstrated exploit code for a vulnerability in the way the Firefox browser handles JavaScript at a hacker conference in San Diego admitted today that the presentation was meant to be a joke, according to Mozilla Corp.'s chief of security.

Mozilla security researchers spent most of Sunday and yesterday scrambling to determine if exploit code revealed during a presentation by hackers Mischa Spiegelmock and Andrew Wbeelsoi at Toorcon over the weekend could allow someone to execute malicious code through a memory corruption attack on Firefox.

However, Window Snyder, who leads Mozilla's security team, said Spiegelmock admitted to the company that the presentation was meant to be humorous, and he and Wbeelsoi had not actually achieved remote execution with the exploit code demonstrated at the show.

"At best, in some cases it will crash only the client," Snyder said. "That's all we've been able to verify at this point."

Spiegelmock, who works for Six Apart Ltd., confirmed as much in his LiveJournal blog, in which he includes a link to a statement he made that is posted on Snyder's Mozilla blog.
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .