Image Processing Flaw Found in Firefox
Firefox users may be vulnerable to a denial of service attack after researchers looked into reports of a new vulnerability within Firefox 18.104.22.168. The flaw exists in how the browser handles image tags. The SANS Internet Storm Center first wrote off the problem, but continued research has shown that the flaw could be used maliciously.
Eventually, the system would become unresponsive, say researchers. While this may seem fairly benign, some security experts sounded the alarm.
"Guys, this is a PoC [proof of concept], do you understand what it can do? Now it opens ~100 mail windows, but what if it does a lot worse, just because the img xsrc= tag can be used to open almost everything?" warned Securityview in a Web log post on Saturday.
Security firms such as Secunia did not list the vulnerability as of press time, but it is likely they would eventually post an advisory, as would other firms. Mozilla has not yet commented on the discovery of the vulnerability.