Security experts at Packet Storm have published proof-of-concept code that exploits an unpatched flaw in the Firefox 1.5 browser, making the application vulnerable to a denial of service attack. The code marks the first publicly disclosed security vulnerability in Firefox 1.5 since the version became available in late November. The published code will add a large entry to the 'history.dat' file of the browser, causing the application to freeze or crash the next time it is launched. Users can fix the problem by manually erasing the file. Another option is to change the browser setting to disable the saving of history data by setting the days of saved history to zero or increasing the privacy control. While the proof-of-concept code is relatively harmless, the flaw could be exploited to install malware, according to John Bambenek, a researcher with the University of Illinois at Urbana-Champaign and a volunteer at the SANS Internet Storm Center. "Presumably, if the topic was more tightly crafted than in the proof-of-concept code, a more malicious attack could be crafted that would install malware on the machine with the extra step of being reinstalled after each restart of Firefox," Bambenek wrote. Source: VNUNET
