Low Risk Denial of Service in Firefox

Window Snyder

15

Issue

A null pointer dereference in the content layout component of Firefox allows an attacker to crash the browser when a user navigates to a malicious page.

Impact

If a user browses to a malicious page that takes advantage of this vulnerability, the browser will crash.  A feature in Firefox called Session Restore will restore the browser session when Firefox is restarted and will likely save user typed content in text areas as well.  This feature is designed to save users’ work in the event of a crash or browser restart.

Status

This issue is currently under investigation.  Mozilla has assigned this bug an initial severity rating of low because of the minimal security risk to users.

Credit

Radware reported this issue to Mozilla.

15 responses

  1. Sam Hasler wrote on ::

    If the page that you crashed on is in the session won’t you just crash as soon as you start up again though?

  2. Jesse Ruderman wrote on ::

    What’s special about this crash bug that merits a post on the Security Blog? Most such bugs are public and not treated as security holes.

  3. Mook wrote on ::

    Is there some sort of bug number we can refer to? (Even if the bug is private, so that we would be able to refer back to it once it has been removed from the group)

  4. Window Snyder wrote on ::

    Mook, the bug is here: https://bugzilla.mozilla.org/show_bug.cgi?id=448564

    Jesse, I posted about this issue because Radware issued a press release and I wanted to make sure our users had enough context to understand that this is a low risk issue.

  5. Thomas Jedenfelt wrote on :

    If this is the same security issue as in Firefox 2, then there is a temporary solution, as stated in [Mozilla Firefox 2.0.0.3 Release Notes, March 2007]. See also [Firefox 3 Knowledge Base / Session Restore]:
    “The Session Restore functionality provided in Firefox 2 will restore connections to services which use session cookies to maintain login state such as GMail. It is recommended that users with concerns about the privacy implications of this behavior change the value of browser.sessionstore.resume_from_crash to false.”

  6. Security Software Developer wrote on ::

    The blog is alive or dead? The latest post was written on 07.30.08 but today is december 2008.

    Good luck

  7. .NET Component Library wrote on ::

    I think the blog is dead :(.

  8. Dicks wrote on :

    Hey, is there a german blog of firefox and co?

    I searched up google but i don’t found anything.

    Regards M. Dicks (Is my real name :D)

  9. loren salmonson wrote on ::

    My latest version of Firefox, installed just a few days ago, just jumped to full-screen and the messages there said that my system had been attacked and someone now knew my IP address. I was unable to X out, nor minimize the screen. The system repeatedly tried to install something called Install.exe, in order to as it said it wanted to installed better security programs. I rebooted my system and again Firefox did that same thing, so I assume that this all means that something in Firefox files has been infected. So I removed Firefox from my desktop. I know that this is probably not the Low Risk Denial of Service in Firefox problem, but would someone advise me if these symptoms have been seen before, and if I can safely reinstall Firefox without a recurrence. (I already removed all associated data including cookies.)

  10. Hari Krish wrote on :

    I would like to know, if this bug has been fixed in any of the firefox version released till now or can anyone tell in which forth coming release, this issue will be fixed?????

  11. BigD wrote on :

    I have a program called glue that keeps popping up every time I start Firefox, Does anyone know how to get rid of this program? It is not in add or remove programs and I have not found any related files at least yet. I have found no way to remove it and it is a fricken pest.

  12. Ann froshaug wrote on ::

    Firefox claims re safety and comparisons re safety as compared with internet explorer only take us to 2006/7 it’s February 2009 now why not update please?

  13. catrina williams wrote on :

    i was using Firefox one day and all of a sudden my browser crashed and now when i try to pull it up,it tells me to send an error report. but i can’t get to any pages.

  14. Daniel Veditz wrote on :

    @Ann Froshaug: Those comparison reports were authored by third parties (the most recent by a technology reporter for the Washington Post). We would love more recent reports but we’re afraid that if we author them ourselves people will focus on looking for evidence of bias.

  15. Peter wrote on :

    My Firefox crashes a lot, especially when I go to websites as “www.prisonplanet.com , brasscheck.com etc”, but also some erotic pages (lets be honest people !). The crashes really look like DOS attacks, cause sometimes, days on end, when I don’t visit these websites everything is fine, but when I do visit them, then suddenly I get dozens of DOS attacks within a few hours.
    I work on a MAC computer