Secunia reports of a new, unpatched, and highly critical security hole in Firefox 3.5 (possibly in other versions, too) that allows attackers to execute arbitrary code on the victim’s computer.

The vulnerability is caused due to an error when processing JavaScript code handling; for example, one could use simple HTML “font” tags to cause a memory corruption and then run arbitrary code.

Until Mozilla addresses this vulnerability, here’s a temporary fix: Type about:config in Firefox‘ address bar, and set “javascript.options.jit.content” to “false.”

Read the details about this security issue here.

Highly Critical Security Vulnerability Found in Firefox 3.5

Posted using ShareThis Follow me on twitter

Tony Patton in his article on Chickenfoot speaks about manipulating the DOM of a webpage through which you can give additional features to a web page.

Chickenfoot is a Firefox add-on that allows you to automate user actions within the browser environment. It also lets you extend the browser interface to provide additional features to a Web page.

Before I delve into how this add-on can make your Web development work easier, I thought I’d take a moment to share the answer to the question I bet you’re asking yourself (I know I was): Why is it called Chickenfoot? Here is the answer from the Chickenfoot site:

“Chickenfoot is a game that you can play with dominoes. Since Chickenfoot does much of its work by manipulating the Document Object Model, or DOM, of a web page, Chickenfoot the Firefox extension is like a toy that lets you play with the DOMinoes of the web.”

Access the full article here

…Chickenfoot is available as a free download. When you click the downloaded file, Chickenfoot is installed via the Firefox Add-ons dialog box. After installation, it is available as a sidebar selection (View | Sidebar). After you enable the sidebar, Chickenfoot appears on the left side of the browser adjacent to where pages load.

The top portion of the Chickenfoot sidebar contains a JavaScript editor that allows you to enter JavaScript as you would within a Web page. In addition, you can enter commands from the JavaScript superset that is part of Chickenfoot.

You may enter multiple code windows within the JavaScript editor. There are buttons at the top of the JavaScript editor that you can use to open/save scripts, create new scripts, and execute and stop scripts.

For more information about Chickenfoot scripts, check out the Chickenfoot Script Repository.