However, officials at the Mozilla Foundation are downplaying the threat, insisting the bug is more of an "annoyance" than a serious security vulnerability.
The exploit, which was posted on the PacketStormSecurity.org Web site, targets a buffer overflow in Firefox 1.5, the newest browser release from Mozilla.
The exploit has been confirmed on Firefox 1.5 on Windows XP SP2 (Service Pack 2) and is caused by an error in the way the open-source browser handles large history information.
A successful attacker can fill the browser's "history.dat" file with large history information by tricking a user into visiting a malicious Web site with an overly large title.
For full story: