Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

New Exploit: Critical JavaScript vulnerability in Firefox 3.5

Created: 15 Jul 2009 • Updated: 21 May 2010 | 5 comments
This issue has been solved. See solution.

Anyone in Symantec want to throw any light on this? Has this issue been addressed in any of the latest RR's, or any new IPS Signatures?

http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/

Comments 5 CommentsJump to latest comment

Thomas K's picture

I am looking into this with our engineers. I will update here when i have information.

Thomas

Thomas K's picture

We have an IPS signature in the pipeline, and an AV sig in the field already.

Abhishek Pradhan's picture

Ok. Just checked this out. It's been addressed in the latest IPS siggys released on the 15th of July. :)

I was more seo concerned with the IPS signatures and not AV, as the AV component cannot detect an RPC attack / remote exploit over RPC.

This has been addressed.

Thanks Thomas & Delifeath for your inputs.

Abhishek Pradhan, PMP, MCT
Blog: http://blog.abhishekpradhan.net | SIG Lead - Pune IT Pro (Microsoft Pune User Group) | http://www.puneusergroup.org

SOLUTION
delifeath's picture

Where can we check to see what is updated in the IPS signatures as opposed to AV?  Thank you.