» Subscribe to Newsletter
» Switch to BizTech2.com
                       
Home » News » Windows PCs & Laptops » Firefox Javascript Hack Was a Hoax
Firefox Javascript Hack Was a Hoax
By: Jayesh Mansukhani   |   Oct 04, 2006

In a rather unamusing turn of events the two hackers who claimed to have exposed and demonstrated JavaScript vulnerability have now retracted their clams on the bug. It turns out now the whole exercise was nothing but a big fat joke by fools with too much time on their hands.

It all started last week when Mischa Spiegelmock and Andrew Wbeelsoi demonstrated code designed to exploit Firefox JavaScript vulnerability at the ToorCon hacker conference. They had also claimed at the time that they had nearly three dozen vulnerabilities they weren't going to talk about. An alarmed Mozilla who is steadily working towards releasing Firefox 2 had immediately began investigating and reviewing its code to find these vulnerabilities.

The joke last only a few days however. This past Monday the jokers came clean and admitted to their prank. In a message sent to Mozilla which they have put up at their development Spiegelmock went on to say,

The main purpose of our talk was to be humorous. As part of our talk we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this, and I personally have not gotten it to result in code execution, nor do I know of anyone who has.

I have not succeeded in making this code do anything more than cause a crash and eat up system resources, and I certainly haven't used it to take over anyone else's computer and execute arbitrary code.

I do not have 30 undisclosed Firefox vulnerabilities, nor did I ever make this claim. I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not.

The only saving grace in this entire supposed laugh-a-riot is the fact Mozilla is taking no chances and putting their code under a stricter review to weed out potential problems.
Tags:
 
Ads by Google 
Post a Comment on “Firefox Javascript Hack Was a Hoax”
Comment : 
Name : 
City : 
Email : 
iam sure a code which can crash and eat up resources surely has more possible actions. it is sure is a mockup excercise to prevent the further image damge to firefox.but is too much to call as a hoax.
rajkumar chennai @ Oct 04, 2006
Ads by Google 
Ads by Google
Products
Camcorders  |   Controllers  |   CPUs  |   Desktop PCs  |   Digital Cameras  |   Digital Video Recorders  |   DVD Players  |   Games  |   Gaming Consoles  |   General  |   GPS Systems  |   Handhelds / PDAs  |   Hard Drives  |   Headphones & Headsets  |   HiFi Audio Systems  |   Home Theater Systems  |   Input Devices  |   Internet  |   Laptops  |   lenovo  |   Low Level Components  |   Mac Systems  |   Mobile Phone Accessories  |   Mobile Phones  |   Monitors  |   Motherboards  |   MP3 / Audio Players  |   Multi-Function Devices  |   Networking  |   Optical Drives  |   PC Add-on Cards  |   PC Cabinets  |   PC Games  |   Printers  |   Projectors  |   RAM Modules  |   Scanners  |   Software  |   Speakers  |   Telecom  |   TVs  |   Video Players  |  
Careers | About Us | Tech2 Staff | Ad Inventory | Site Profile | Copyright © 2007, Tech2.com India - A Network 18 India Venture