Firefox JavaScript flaw ''just a joke''

Author: Tim Smalley
Published: 4th October 2006
Comments (0) Stumble
The purpose of Spiegelmock and Wbeelsoi's talk was ''to be humourous''. Oh joy.

The purpose of Spiegelmock and Wbeelsoi's talk was ''to be humourous''. Oh joy.

The alleged critical flaws in Firefox's JavaScript implementation have turned out to be a hoax, according to a report on Heise Security.

The report claims that Mischa Spiegelmock - one of the two hackers that made the allegations - told Window Snyder, Mozilla's security chief that the main purpose of their talk was "to be humourous." Sigh.

While the hole does exist and it is still possible to create a stack overflow using the exploit, it seems that Spiegelmock and Wbeelsoi over-exaggerated the implications that the flaw has on a user's system. Indeed, the only result that Spiegelmock has been able to produce is a browser crash.

In fact, nobody has managed to execute code using the exploit, including both Spiegelmock and Wbeelsoi. However, neither hacker has back tracked on the claims about the flawed JavaScript implementation - the claims were just sensationalised in order to make headlines.

Mozilla has stated that it will continue investigations into the flaws and will continue fix areas of code that could cause security issues. You can read the full report here and thanks to TechReport for the heads up.

Discuss in the forums
Newsletter

Register for the bit-tech newsletter to receive the latest news and reviews in your inbox.



We've not created a discussion thread for this story yet. You're welcome to browse our discussion forum in the mean time.

Acer Aspire One Notebook now at Misco!
Corsair 32gb Voyager


Stats: 0.062 seconds