The problem was originally reported three weeks ago by Mozilla Security Group researcher Martijn Wargers and Nick Mott. To trigger a Firefox 1.5 crash, one needed to set an IFrame as an HTML edit frame, then load HTML containing another IFrame.
As the Mozilla team worked on a fix, others provided additional exploit proofs of concept.
While FrSirt describes the flaw as a memory corruption error, Mozilla developers say it is not the result of a buffer overflow.
All in all, the Mozilla crew took less than 3 weeks to release the fix… assuming the problem is entirely fixed.
This morning, Mott reported that, after updating to 220.127.116.11, Firefox no longer crashes, but “the contents of the outer IFrame still do not load correctly. I should be able to edit text inside around the embedded iframe.”
Developers are awaiting further input from Mott, but they believe the crash portion of the problem has been solved.
Before Internet Explorer-types get all lathered up, they should note that, while Secunia knows of only 3 outstanding security advisories for up-to-date Firefox 1.x, and ranks them as Less Critical, the security authority lists 21 unresolved advisories for Internet Explorer 6.x, one of which is rated Highly Critical.
In all fairness, neither Safari 2.x nor Opera 8.x has been pounded on for as long, or by as many people, as IE 6.x and Firefox 1.x.