Firefox 3 at low/high risk from new flaw
Mozilla Firefox 3 is at risk from a new flaw that is currently unpatched. Whether the flaw is high or low risk depends on who you ask (or read).
Mozilla explains the vulnerability to be:
A null pointer dereference in the content layout component of Firefox
allows an attacker to crash the browser when a user navigates to a
In my book, any flaw that does not require user interaction is significant.
True the impact is limited, and Mozilla notes that the issue is under investigation. But I hope that we see an incremental patch for this issue before I see a module for it up on Metasploit.