The most important thing for frustrated end users to keep in mind is that Mozilla/Firefox cannot be held responsible for cases where incorrectly written plugins and/or extensions cause Firefox to abuse system memory – that’s the trade-off between empowering developers and keeping the code squeaky clean.
I’ll try to be as objective as possible in this reply:
The reply turned out to be longer than I’d originally intended, so here it is as its own post. However, proof of concept for this vulnerability is available.Recently our original article/rant on Firefox’s legendary memory abuse has seen an increase in comments and views and I had intended to post the following comment in light of the article’s rebirth and the ensuing discussions in the comments. We are not aware of malware exploiting this vulnerability. Is there known malware, which exploits this vulnerability? The attacker should have physical access to the system in order to successfully exploit this vulnerability. cpe:2.3:a:mozilla:mozilla_firefox:70.0:*:*:*:*:*:*:*Ĭan this vulnerability be exploited remotely?.An attacker with physical access to the system can open a specially crafted web page and view contents of GPU memory on screen. The vulnerability exists due memory leak in WebRender. The vulnerability allows a local user to view memory contents
0 kommentar(er)
