Description:
SBerry has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system.The vulnerability is caused due to an error when processing JavaScript code handling e.g. "font" HTML tags and can be exploited to cause a memory corruption.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 3.5. Other versions may also be affected.
Solution:
Do not browse untrusted websites or follow untrusted links.
Provided and/or discovered by:
SBerry (Simon Berry-Byrne)
Original Advisory:
http://milw0rm.com/exploits/9137
Mozilla Firefox 3.5 Remote Buffer Overflow Exploit (untested crash) - ふうてんのまっちゃだいふくの日記★とれんどふりーく★
うにゅ。。。 JavaScript 無効にしていても回避できないのかしらん?
Do not browse untrusted websites or follow untrusted links.
へ〜い。
7/15 追記
Firefox 3.5 に脆弱性 - 落書き part-4
応急的な回避策は上のブログでも書かれている通り、about:config で javascript.options.jit.content の値を false に変更すること。
Secunia Advisory:SA35798も7/15にアップデートされています。