The researcher who discovered the vulnerability yesterday released with it proof-of-concept code. Mozilla developers jumped on it right away, coming up with a fix.
The flaw is a remote memory corruption vulnerability that affects all versions of Firefox 3.0.x, and could let an attacker execute malware on a victim's machine or crash the browser, according to the vulnerability report. The user would have to be lured into viewing a malicious file with his Firefox browser.
Johnathan Nightingale, whose title at Mozilla is "human shield," says so far Mozilla hasn't seen signs of an exploit in the wild for the bug.
The vulnerability affects Windows, OS X, and Linux versions of Firefox 3.0.x.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message