JavaScript security flaw potentially affects Firefox for Mac OS X

CNET reports on the presentation of a JavaScript security flaw -- which is really a variation of an old issue -- that potentially affects Firefox when running under Mac OS X (and other operating systems).

"The flaw is specific to Firefox's implementation of JavaScript, a 10-year-old scripting language widely used on the Web. In particular, various programming tricks can cause a stack overflow error [...] The JavaScript issue appears to be a real vulnerability, Window Snyder, Mozilla's security chief, said after watching a video of the presentation Saturday night. 'What they are describing might be a variation on an old attack,' she said. 'We're going to do some investigating.'

"[...] the presentation probably gives Mozilla enough data to fix the apparent flaw, Snyder said. However, because the possible flaw appears to be in the part of the browser that deals with JavaScript, addressing it might be tougher than the average patch, she added."

Feedback? Late-breakers@macfixit.com.

Resources