Bugtraq mailing list archives
Re: JPEG COM Marker Processing Vulnerability in Netscape Browsers
From: Solar Designer <solar () FALSE COM>
Date: Thu, 27 Jul 2000 19:43:58 +0400
I have found that Netscape 4.74 is vulnerable, if you choose "View Page Source" in the right-click-menu.... (Only tested on FreeBSD4.0)
We've exchanged a few e-mails with Isak regarding this, and the conclusion is that Netscape 4.74 is indeed NOT vulnerable, including on FreeBSD:
Well, my guess is that it crashes due to some other error (related to the GUI) in this case. The JPEG file isn't even interpreted when you view it as "source"; what you get is a very long line of text.
That "View Page Source" crash should be investigated, as it's a bug (not necessarily in Netscape itself) and can theoretically turn out to be another vulnerability, -- but I can't reproduce it. Signed, Solar Designer
Current thread:
- JPEG COM Marker Processing Vulnerability in Netscape Browsers Solar Designer (Jul 24)
- Re: JPEG COM Marker Processing Vulnerability in Netscape Browsers Isak Holmström (Jul 26)
- Re: JPEG COM Marker Processing Vulnerability in Netscape Browsers Solar Designer (Jul 27)
- Re: JPEG COM Marker Processing Vulnerability in Netscape Browsers Isak Holmström (Jul 26)