Two weeks, two exploits
Mozilla’s security team is rushing out a fix for its flagship Mozilla browser following the public release of attack code that targets a previously unknown vulnerability.
The exploit was released Wednesday online. It attacks a vulnerability present on Windows, Mac and Linux versions of the browser and could be used to surreptitiously execute malware on the machines of users who browse booby-trapped websites. The flaw is classified as a boundary condition error that targets Firefox’s XML parsing features according to SecurityFocus.
This is the second critical vulnerability in Firefox to come to light in as many weeks.