Full Disclosure mailing list archives
Re: iDEFENSE Security Advisory 08.02.04: Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability
From: Daniel Veditz <dveditz () cruzio com>
Date: Mon, 02 Aug 2004 14:25:39 -0700
VIII. DISCLOSURE TIMELINE 01/17/2004 Exploit acquired by iDEFENSE. 03/05/2004 Bug sent to Netscape Security Bug form at http://cgi.netscape.com/cgi-bin/bug-security.cgi 03/05/2004 Bug entered into bugzilla.mozilla.org http://bugzilla.mozilla.org/show_bug.cgi?id=236618 03/05/2004 iDEFENSE clients notified 07/09/2004 Patch submitted into Mozilla source tree. http://bugzilla.mozilla.org/show_bug.cgi?id=236618#c22 08/02/2004 Public disclosure
The fix was checked in March 8, 2004 http://bugzilla.mozilla.org/show_bug.cgi?id=236618#c12 The July check-in was a back-port to the 1.4 branch -Dan Veditz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- iDEFENSE Security Advisory 08.02.04: Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability idlabs-advisories (Aug 02)
- Re: iDEFENSE Security Advisory 08.02.04: Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability Jedi/Sector One (Aug 02)
- Re: iDEFENSE Security Advisory 08.02.04: Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability Daniel Veditz (Aug 02)