Going Commercial with Firefox Vulnerabilities
Security vendor Secunia released a advisory two days ago. Nothing unusual. The Advisory is titled “Mozilla Firefox Unspecified Code Execution Vulnerability”. Unspecified? Why that? Secunia is well informed usually.
“The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code. The vulnerability is reported in version 3.6. Other versions may also be affected”, the Advisory says.
The Advisory links to a forum post, which is about a update for the exploitation system VulnDisco 9.0. Update means “new exploit” – not patch It reports two 0-day exploits: One for Firefox 3.6 and one for Lotus Notes, each on XP and Vista machines. You can buy this unknown and undisclosed exploit at the website. It is the first time i hear about such “open minded” business. The commercialization of hacking is going on…