[Full-disclosure] Beware the firefox ZERO DAYZZZZ
arasm at vt.edu
Sun Aug 17 17:19:27 BST 2008
Please allow me to apologize for if I misunderstood your claim(s)... However, in your subject you are warning us about a FF 0-day while all you provide as 'proof' is anubis' examination of the 'after-the-fact' ...
Could you pls give us a li'l more? Perhaps some logs (browser URL history, firewall, AV, event logs all scrubbed for non-related data), your FF version at the time of pwnage, a brief personal account on how this 'might' have happened etc etc might help us analyze and prep better for it.
In the meantime, it looks like it's pretty easily detectable per the prev. reply and I'd like to note that Ikarus ID'd one of it's components as:
So... Thx for the analysis but looks like more info is needed IMO! :)
Aras 'Russ' Memisyazici
Office of the Vice President for Research
Full-Disclosure is hosted and sponsored by Secunia.