Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Google Chrome Browser Vulnerability

From: Shyaam <shyaam () gmail com>
Date: Thu, 4 Sep 2008 03:20:44 +0000

Out of bound array accesses can be vulnerabilities because they can

in some cases result in code execution, but not in this case. In
this case, it is just an integer underflow that causes a
conditional to evaluate to true that shouldn't have and a byte or
two of memory being read out of bounds. There is no write, the
memory can't be leaked by an attacker, it is simply a crash.

You can't even begin to compare a kernel denial of service to a
browser crash, killing a browser is a world away from taking down
an entire system. Let's face it, the last thing we need is someone
whoring out attention for every browser crash they come across.
Report it and be done with it, no one cares.




Cool!!! Thanks...

Shyaam

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: