A flaw in Mozilla.org’s popular Firefox browser could expose computers to remote attacks as a result of IDN buffer overflow vulnerability. The bug affects even the latest beta release of the browser.
Computerworld reports that the
problem is caused by a bug in the code Firefox uses to process HTML links in Web pages. Links pointing to a host with a long name composed entirely of dashes can be crafted so that Firefox will execute arbitrary code of an attacker’s choosing.
Mozilla.org has already released the steps to fix the problem. Patches and manual configuration is available on their website.