Firefox 3.6.2 was released ahead of schedule to address the vulnerability, which Secunia classified as “highly critical,” or four out of five on its severity rating scale. Mozilla originally planned to release the update a week from today.
In its advisory, Mozilla said the vulnerability affects the Web Open Font Format (WOFF), a simple, compressed file format for fonts. Specifically, an integer overflow error exists in the way the WOFF decoder handles the size of tables specified in the font file, according to information about the bug provided by US-CERT. The error could result in a buffer overflow vulnerability.
“A remote attacker who is able to supply a malicious WOFF file could exploit this vulnerability,” US-CERT said in its advisory.
The vulnerability affects only Firefox 3.6, which was released in January. It was first discovered by Russian security researcher Evgeny Legerov, who is the founder of Moscow-based security research firm Intevydis.
The flaw prompted the German Computer Emergency Response Team on Friday to warn users against using Firefox until Mozilla provided a fix.
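The class of bug described above, an integer overflow while handling table sizes declared in a font file, is shown below as an added example; it is not Mozilla's code or the actual patch. The `table_entry` struct, the function names and the `MAX_FONT_BYTES` limit are assumptions made for illustration. It contrasts an unchecked 32-bit sum of declared table sizes with a checked version that rejects the file before any buffer is sized from the result.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified directory entry holding only the declared uncompressed size.
   Constructed for illustration; not Mozilla's structures. */
typedef struct { uint32_t orig_length; } table_entry;

/* Assumed policy limit on the decoded font size (hypothetical value). */
#define MAX_FONT_BYTES (30u * 1024u * 1024u)

/* Unchecked: the 32-bit sum wraps silently, so the returned size can be
   far smaller than what the declared tables would occupy. */
static uint32_t total_size_unchecked(const table_entry *t, size_t n) {
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += (t[i].orig_length + 3) & ~3u;   /* pad to 4 bytes */
    return total;
}

/* Checked: returns 0 and writes *out on success; returns -1 if padding
   or the running sum would wrap or exceed the limit. */
static int total_size_checked(const table_entry *t, size_t n,
                              uint32_t limit, uint32_t *out) {
    uint32_t total = 0;
    for (size_t i = 0; i < n; i++) {
        uint32_t len = t[i].orig_length;
        if (len > UINT32_MAX - 3) return -1;      /* padding would wrap */
        len = (len + 3) & ~3u;
        if (len > limit || total > limit - len) return -1;
        total += len;
    }
    *out = total;
    return 0;
}

int main(void) {
    /* Constructed sample: declared sizes whose 32-bit sum wraps. */
    table_entry sample[] = { {0x80000000u}, {0x80000000u}, {0x100u} };
    uint32_t out = 0;
    printf("unchecked total: %u\n", (unsigned)total_size_unchecked(sample, 3));
    printf("checked result:  %d\n",
           total_size_checked(sample, 3, MAX_FONT_BYTES, &out));
    return 0;
}
```

A decoder that sizes its output buffer from the unchecked total and then copies each table at its declared length writes past the allocation, which is why the check has to run before the allocation.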