Jump to content

Firefox 3.5 remote exploit


Denismage
 Share

Recommended Posts

Disable javascript until they patch it. When you visit a webpage with 'something', it will crash the browser and download/launch anything.

 

 

 

This is most likely going to be patched in a few days, but so much for firefox being secure.

Link to comment
Share on other sites

This is a runescape forum it doesn't support these types of discussions. I could give you the whole code that does the whole crashing + opening a program operation but you don't need it.

 

I'm just trying to warn people, not spread false rumours, and I use firefox myself.

Link to comment
Share on other sites

The least you could do is not be a [rooster] about it and provide some actual detail and sources that don't rest on faith in your own authority. Please get off your high-horse, you can contribute to the community without it.

 

Disabling javascript in it's entirely is overkill.

 

 

 

http://voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html is a temporary fix for anyone who cares.

 

http://secunia.com/advisories/35798/ is information on the vulnerability.

Link to comment
Share on other sites

This is a runescape forum it doesn't support these types of discussions. I could give you the whole code that does the whole crashing + opening a program operation but you don't need it.

 

I'm just trying to warn people, not spread false rumours, and I use firefox myself.

 

 

 

Denismage,

 

 

 

That's nice that you could give me the code, congrats on being a script kiddie who can copy paste things off milw0rm. This post is the same as all of your other posts. The information is iffy. You are telling everyone to disable JavaScript when there is a patch for it (not surprised). Maybe what you should have done is search around like you did with your anti hack post (which was [cabbage]) when you are unsure on the topic or you could simply keep your [bleep]ing mouth shut.

 

 

 

Sloter

Link to comment
Share on other sites

This is a runescape forum it doesn't support these types of discussions. I could give you the whole code that does the whole crashing + opening a program operation but you don't need it.

 

I'm just trying to warn people, not spread false rumours, and I use firefox myself.

 

 

 

Denismage,

 

 

 

That's nice that you could give me the code, congrats on being a script kiddie who can copy paste things off milw0rm. This post is the same as all of your other posts. The information is iffy. You are telling everyone to disable JavaScript when there is a patch for it (not surprised). Maybe what you should have done is search around like you did with your anti hack post (which was [cabbage]) when you are unsure on the topic or you could simply keep your [bleep] mouth shut.

 

 

 

Sloter

 

 

 

Oh yes. I'm being bashed by a tip.it online techie. Are you still upset about the other topic?

 

Yes, I'm such a script kiddie, I warned people about the exploit they didn't know existed before. Yeah, I created the other topic just to show off my googling skills, and all the programs I contributed are ripped off somewhere else. I'm feeling so threatened by you and your computer knowledge, I'm shaking. I'm so afraid you are going to somehow trick my into opening your batch virus which will mess up my system for good and remove my internets. Oh, and you know milw0rm, that surprised me! It's only the biggest exploit website on the web.

 

Please don't smite me with your uber dos program sloter, I'll behave.

Link to comment
Share on other sites

Stop being a [rooster].

 

 

 

Plain and simple, you posted telling people to turn off javascript to protect themselves from a firefox vulnerability you couldn't tell them about. No sources, no other information. It's nice that you're trying to warn people, but please don't pretend you're someone special because of it, and then don't get so frelling defensive when people point that out to you.

Link to comment
Share on other sites

This is a runescape forum it doesn't support these types of discussions. I could give you the whole code that does the whole crashing + opening a program operation but you don't need it.

 

I'm just trying to warn people, not spread false rumours, and I use firefox myself.

 

 

 

Denismage,

 

 

 

That's nice that you could give me the code, congrats on being a script kiddie who can copy paste things off milw0rm. This post is the same as all of your other posts. The information is iffy. You are telling everyone to disable JavaScript when there is a patch for it (not surprised). Maybe what you should have done is search around like you did with your anti hack post (which was [cabbage]) when you are unsure on the topic or you could simply keep your [bleep] mouth shut.

 

 

 

Sloter

 

 

 

Oh yes. I'm being bashed by a tip.it online techie. Are you still upset about the other topic?

 

Yes, I'm such a script kiddie, I warned people about the exploit they didn't know existed before. Yeah, I created the other topic just to show off my googling skills, and all the programs I contributed are ripped off somewhere else. I'm feeling so threatened by you and your computer knowledge, I'm shaking. I'm so afraid you are going to somehow trick my into opening your batch virus which will mess up my system for good and remove my internets. Oh, and you know milw0rm, that surprised me! It's only the biggest exploit website on the web.

 

Please don't smite me with your uber dos program sloter, I'll behave.

 

 

 

It isn't the fact that you were warning us, but you're telling people to cripple the functionality of their browser without telling them why. What does DOS have to do with anything? How did that come up in me telling you to shut up?

Link to comment
Share on other sites

This is a runescape forum it doesn't support these types of discussions. I could give you the whole code that does the whole crashing + opening a program operation but you don't need it.

 

I'm just trying to warn people, not spread false rumours, and I use firefox myself.

 

 

 

Denismage,

 

 

 

That's nice that you could give me the code, congrats on being a script kiddie who can copy paste things off milw0rm. This post is the same as all of your other posts. The information is iffy. You are telling everyone to disable JavaScript when there is a patch for it (not surprised). Maybe what you should have done is search around like you did with your anti hack post (which was [cabbage]) when you are unsure on the topic or you could simply keep your [bleep] mouth shut.

 

 

 

Sloter

 

 

 

Oh yes. I'm being bashed by a tip.it online techie. Are you still upset about the other topic?

 

Yes, I'm such a script kiddie, I warned people about the exploit they didn't know existed before. Yeah, I created the other topic just to show off my googling skills, and all the programs I contributed are ripped off somewhere else. I'm feeling so threatened by you and your computer knowledge, I'm shaking. I'm so afraid you are going to somehow trick my into opening your batch virus which will mess up my system for good and remove my internets. Oh, and you know milw0rm, that surprised me! It's only the biggest exploit website on the web.

 

Please don't smite me with your uber dos program sloter, I'll behave.

 

 

 

It isn't the fact that you were warning us, but you're telling people to cripple the functionality of their browser without telling them why. What does DOS have to do with anything? How did that come up in me telling you to shut up?

 

 

 

Ok honey. Talk to me when you quit pmsing.

Link to comment
Share on other sites

They have plenty of a reason. It'd be nice if you gave a [bleep]ing reason why someone should turn off all java instead of just telling them to do so. Sorry but you really do not have the authority on these forums to be able to make those kind of calls, and no one is going to just take your word on it. There also is no need to talk down to people, it's really [bleep]ing annoying. No one cares if you can give us the code, we just wanted a little bit more info without the pretentious attitude.

Link to comment
Share on other sites

Ya know, the people that regularly check this forum, you know the ones that help those that come here once in a blue moon to ask for tech help, probably already knew of this vulnerability, due to the fact that they all most likely have two or so tabs dedicated to tech news, as well as the communities they belong to already. So I really do not see the point in 'warning' us about such a vulernability, when majority of us all know about it. As well as clearly coming off as warning and not discussing it, even when its not worth discussing anyways. And even going further to tell us to cripple our browsers with just your word only. Think of the random user that just so happens to read this topic and take it extremely seriously and then they have to wonder why their websites are rendering in such 'weird' forms.

 

 

 

If you're going to go out and demand people do such a critical operation to their browser, at least back it up with a few links and a real darn good reason as to why they should. It is sourly annoying.

 

 

 

And you're sarcastic and belittling replies are just further causing grief for everyone.

Link to comment
Share on other sites

They have plenty of a reason. It'd be nice if you gave a [bleep] reason why someone should turn off all java instead of just telling them to do so. Sorry but you really do not have the authority on these forums to be able to make those kind of calls, and no one is going to just take your word on it. There also is no need to talk down to people, it's really [bleep] annoying. No one cares if you can give us the code, we just wanted a little bit more info without the pretentious attitude.

 

 

 

Wait, you mean the one like you gave right now?

 

 

 

Stop being a little [bleep], just because you are a little under 20k posts, that doesn't mean you have any power over people either. Sorry to disappoint you.

 

 

 

I find it kind of funny how when someone posts a word 'exploit' on forums, a bunch of goons like you and sloter barge in acting like they know what they are talking about, calling that person a script kiddie, due to an unexplained hatred for everything you do not condone. Yes, I'm so bad, I'm trying to warn people about a potential danger instead of making 10 spam posts a day for 5 years.

 

 

 

K I'll stop feeding the trolls.

Link to comment
Share on other sites

They have plenty of a reason. It'd be nice if you gave a [bleep] reason why someone should turn off all java instead of just telling them to do so. Sorry but you really do not have the authority on these forums to be able to make those kind of calls, and no one is going to just take your word on it. There also is no need to talk down to people, it's really [bleep] annoying. No one cares if you can give us the code, we just wanted a little bit more info without the pretentious attitude.

 

 

 

Wait, you mean the one like you gave right now?

 

 

 

Stop being a little [bleep], just because you are a little under 20k posts, that doesn't mean you have any power over people either. Sorry to disappoint you.

 

 

 

I find it kind of funny how when someone posts a word 'exploit' on forums, a bunch of goons like you and sloter barge in acting like they know what they are talking about, calling that person a script kiddie, due to an unexplained hatred for everything you do not condone. Yes, I'm so bad, I'm trying to warn people about a potential danger instead of making 10 spam posts a day for 5 years.

 

 

 

K I'll stop feeding the trolls.

 

 

 

Where did I ever say I had any authority over anything? I don't think anyone on this site except for a few trusted tech people (Pure_Mage comes into mind right away) have any authority to try and say something like that, and even then they would back it up with a link explaining it.

 

 

 

So again stop with the attitude, it's annoying. We don't care that you're posting about an exploit, we just wanted some more info without you being pretentious about it "oh just trust me". Why? Why should we trust you.

Link to comment
Share on other sites

It seems you are trying to start a flamefest. Going to lock this thread as other users have provided some great advice for anyone looking for a solution/answer.

 

 

 

Don't be a troll as action can/will be taken against your account.

nodiehytnew.png
RIP Michaelangelopolous
Thanks to cowboy14 for the pimp sig!

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.