
Stun · @57UN

4th Aug 2013 from TwitLonger

UPDATE: The exploit only affects Firefox 17 and involves several JS heap-sprays. Note that the current Extended Support Release is Firefox 17, so this may also affect some large organizations using Firefox ESR.


The script will only attempt the exploit on Firefox 17, so I'm no longer worried about it being some new 0day. Enough of the "Critical" MFSAs are for various sorts of memory corruption that I don't have the time to find out if this is actually a new exploit or something seen before.

And after the abuse the onionland community (or at least certain bad apples) has heaped upon talk.onion, I'm not sure I care if the TBB contains a vulnerable version of Firefox anymore.
