Hackers plant Firefox 0day on Nobel Peace Prize website

Hackers plant Firefox 0day on Nobel Peace Prize website
Hackers plant Firefox 0day on Nobel Peace Prize website

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By Dan Goodin in San Francisco
The Register
26th October 2010

Malicious hackers have exploited an unpatched vulnerability in the 
latest version of Firefox to attack people visiting the Nobel Peace 
Prize website, a Norway-based security firm said on Tuesday.

Mozilla representatives confirmed a "critical vulnerability" in versions 
3.5 and 3.6 of the open-source browser. It came several hours after the 
organization members were said to have made the same admission on this 
password-protected Bugzilla page.

According to Einar Oftedal, a detection executive at Norman ASA in Oslo, 
the official website for the Nobel Peace prize,, was 
compromised so that it contained an iframe link to a malicious server.

=E2=80=9CThis iframe has a multi exploit backend and serves exploits for 
Firefox, including a working remote exploit for firefox 3.6.11,=E2=80=9D he said 
in an instant message to The Register. =E2=80=9CWe didn't see any 0day for IE,=E2=80=9D 
he added, referring to Microsoft's browser.


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure. 

Site design & layout copyright © 1986-2014 CodeGods