310040 - Firefox does not run with Data Execution Prevention (NX) turned on

Status: RESOLVED DUPLICATE of bug 233765

(Firefox :: Security, defect)

Description

[Peter Orme]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6

Not a bug exactly but could be a security risk. I turned on Data Execution
Prevention for all programs and found that Firefox required it to be turned off,
this I have done just for Firefox. Would it be possable to make use of this
function for those of us that have the hardware that supports it.

Thanks

Peter Orme

Reproducible: Always

Steps to Reproduce:
1.Use a P4 with Data Execution Prevention 
2.Turn it on for all programs.
3.Reboot

Actual Results:  
An alert box comes up telling you that Firefox requires it to be turned off and
gives you the option to turn it off for that program.

Comment 1

[Jesse Ruderman]

I'm making this bug public because having it confidential doesn't protect users.

I agree that it would be good if Firefox worked with Data Execution Prevention.
 It at least makes buffer overflows harder to exploit.  Not working with DEP
enabled slows down anyone who has it enabled globally (they see a dialog or a
crash) and might encourage some users to disable it globally.

This might be a dup of bug 233765, even though that one was reported with AMD64
and you're using a P4.

Comment 2

[Jesse Ruderman]

Does this bug go away if you move fullsoft.dll (Talkback) out of the way?
See bug 233765 comment 29.  If it does, this is probably a dup.

Comment 3

[Jesse Ruderman]

No response from reporter.  Guessing this is a dup of bug 233765.

*** This bug has been marked as a duplicate of 233765 ***