The exploit portal Milw0rm has published an exploit for Firefox 3.5. The exploit demonstrates a security vulnerability by starting the Windows calculator. In testing by heise Security, the exploit crashed Firefox under Vista, but security service providers Secunia and VUPEN confirmed that attackers using prepared websites can infect PCs. The cause of the problem is a buffer overflow when processing specially prepared Font tags.
Download firefox 3.5 zero day Exploit : http://www.milw0rm.com/exploits/9137
Related articles :
- Highly Critical Security Vulnerability Found in Firefox 3. (mashable.com)
- Firefox users: critical security vulnerability (consumingexperience.com)