Full Disclosure mailing list archives
Re: Google Chrome Browser Vulnerability
From: Shyaam <shyaam () gmail com>
Date: Thu, 4 Sep 2008 03:20:44 +0000
Out of bound array accesses can be vulnerabilities because they canin some cases result in code execution, but not in this case. In this case, it is just an integer underflow that causes a conditional to evaluate to true that shouldn't have and a byte or two of memory being read out of bounds. There is no write, the memory can't be leaked by an attacker, it is simply a crash. You can't even begin to compare a kernel denial of service to a browser crash, killing a browser is a world away from taking down an entire system. Let's face it, the last thing we need is someone whoring out attention for every browser crash they come across. Report it and be done with it, no one cares.
Cool!!! Thanks... Shyaam
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Google Chrome Browser Vulnerability, (continued)
- Re: Google Chrome Browser Vulnerability silky (Sep 03)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 03)
- Re: Google Chrome Browser Vulnerability Valdis . Kletnieks (Sep 03)
- Re: Google Chrome Browser Vulnerability Razi Shaban (Sep 03)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 03)
- Re: Google Chrome Browser Vulnerability silky (Sep 03)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 03)
- Re: Google Chrome Browser Vulnerability Shyaam (Sep 03)
- Message not available
- Re: Google Chrome Browser Vulnerability Shyaam (Sep 03)
- Re: Google Chrome Browser Vulnerability Fionnbharr (Sep 04)
- Re: Google Chrome Browser Vulnerability Chris Pritchard (Sep 04)
- Re: Google Chrome Browser Vulnerability The Mad Hatter (Sep 04)
- Message not available
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 04)
- Re: Google Chrome Browser Vulnerability hannibal (Sep 05)
- Re: Google Chrome Browser Vulnerability n3td3v (Sep 05)