{"id":972,"date":"2009-07-16T10:44:14","date_gmt":"2009-07-16T09:44:14","guid":{"rendered":"http:\/\/blog.intego.com\/?p=972"},"modified":"2009-07-16T10:44:14","modified_gmt":"2009-07-16T09:44:14","slug":"code-for-firefox-javascript-attack-in-the-wild","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/","title":{"rendered":"Code for Firefox Javascript Attack In the Wild"},"content":{"rendered":"<p><img src=\"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg\"><\/p>\n<p>Yesterday, we <a href=\"https:\/\/www.intego.com\/mac-security-blog\/firefox-3-5-at-risk-from-javascript-vulnerability\/\">reported a highly critical Javascript vulnerability in Firefox 3.5<\/a>. Well, today, Information Week is <a href=\"http:\/\/www.darkreading.com\/security\/vulnerabilities\/showArticle.jhtml\">pointing out<\/a> that code exploiting this vulnerability is already circulating on websites that publish such code. In addition, Metasploit, a hacker tool, has released a module related to this vulnerability.  <\/p>\n<p>If you use Firefox 3.5, and haven&#8217;t already done so, we recommend that you read this <a href=\"http:\/\/blog.mozilla.com\/security\/2009\/07\/14\/critical-javascript-vulnerability-in-firefox-35\/\">post on the Mozilla Security Blog<\/a> explaining how to deactivate Javascript, until a fix is provided for Firefox. It is now relatively easy to trap users who visit malicious web pages, since code is widely available. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yesterday, we reported a highly critical Javascript vulnerability in Firefox 3.5. Well, today, Information Week is pointing out that code exploiting this vulnerability is already circulating on websites that publish such code. In addition, Metasploit, a hacker tool, has released a module related to this vulnerability. If you use Firefox 3.5, and haven&#8217;t already done [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13,11],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Yesterday, we reported a highly critical Javascript vulnerability in Firefox 3.5. Well, today, Information Week is pointing out that code exploiting this\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Code for Firefox Javascript Attack In the Wild  - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Yesterday, we reported a highly critical Javascript vulnerability in Firefox 3.5. Well, today, Information Week is pointing out that code exploiting this\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2009-07-16T09:44:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/\",\"name\":\"Code for Firefox Javascript Attack In the Wild - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#primaryimage\"},\"datePublished\":\"2009-07-16T09:44:14+00:00\",\"dateModified\":\"2009-07-16T09:44:14+00:00\",\"description\":\"Yesterday, we reported a highly critical Javascript vulnerability in Firefox 3.5. Well, today, Information Week is pointing out that code exploiting this\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Code for Firefox Javascript Attack In the Wild\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Code for Firefox Javascript Attack In the Wild\",\"datePublished\":\"2009-07-16T09:44:14+00:00\",\"dateModified\":\"2009-07-16T09:44:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#webpage\"},\"wordCount\":104,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg\",\"articleSection\":[\"Security &amp; Privacy\",\"Software &amp; Apps\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Yesterday, we reported a highly critical Javascript vulnerability in Firefox 3.5. Well, today, Information Week is pointing out that code exploiting this","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/","og_locale":"en_US","og_type":"article","og_title":"Code for Firefox Javascript Attack In the Wild  - The Mac Security Blog","og_description":"Yesterday, we reported a highly critical Javascript vulnerability in Firefox 3.5. Well, today, Information Week is pointing out that code exploiting this","og_url":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/","og_site_name":"The Mac Security Blog","article_published_time":"2009-07-16T09:44:14+00:00","og_image":[{"url":"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/","name":"Code for Firefox Javascript Attack In the Wild - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#primaryimage"},"datePublished":"2009-07-16T09:44:14+00:00","dateModified":"2009-07-16T09:44:14+00:00","description":"Yesterday, we reported a highly critical Javascript vulnerability in Firefox 3.5. Well, today, Information Week is pointing out that code exploiting this","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Code for Firefox Javascript Attack In the Wild"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Code for Firefox Javascript Attack In the Wild","datePublished":"2009-07-16T09:44:14+00:00","dateModified":"2009-07-16T09:44:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#webpage"},"wordCount":104,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/code-for-firefox-javascript-attack-in-the-wild\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/images\/firefox.jpg","articleSection":["Security &amp; Privacy","Software &amp; Apps"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-fG","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/972"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=972"}],"version-history":[{"count":0,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/972\/revisions"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=972"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=972"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=972"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}