[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Hackers plant Firefox 0day on Nobel Peace Prize website
From: InfoSec News <alerts () infosecnews ! org>
Date: 2010-10-27 8:07:43
Message-ID: Pine.LNX.4.61.1010270307330.26442 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://www.theregister.co.uk/2010/10/26/firefox_0day_report/
By Dan Goodin in San Francisco
The Register
26th October 2010
Malicious hackers have exploited an unpatched vulnerability in the
latest version of Firefox to attack people visiting the Nobel Peace
Prize website, a Norway-based security firm said on Tuesday.
Mozilla representatives confirmed a "critical vulnerability" in versions
3.5 and 3.6 of the open-source browser. It came several hours after the
organization members were said to have made the same admission on this
password-protected Bugzilla page.
According to Einar Oftedal, a detection executive at Norman ASA in Oslo,
the official website for the Nobel Peace prize, nobelpeaceprize.org, was
compromised so that it contained an iframe link to a malicious server.
"This iframe has a multi exploit backend and serves exploits for
Firefox, including a working remote exploit for firefox 3.6.11," he said
in an instant message to The Register. "We didn't see any 0day for IE,"
he added, referring to Microsoft's browser.
[...]
___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic