have turned out to be a hoax, according to a report on Heise Security
The report claims that Mischa Spiegelmock - one of the two hackers that made the allegations - told Window Snyder, Mozilla's security chief that the main purpose of their talk was "to be humourous."
While the hole does exist and it is still possible to create a stack overflow using the exploit, it seems that Spiegelmock and Wbeelsoi over-exaggerated the implications that the flaw has on a user's system. Indeed, the only result that Spiegelmock has been able to produce is a browser crash.
Mozilla has stated that it will continue investigations into the flaws and will continue fix areas of code that could cause security issues. You can read the full report here
and thanks to TechReport
for the heads up.
Discuss in the forums