Full Disclosure mailing list archives

RE: Firefox 0.92 DoS via TinyBMP

From: "Prock Thomas" <Thomas.Prock () Amadeus-IT de>
Date: Mon, 12 Jul 2004 14:21:08 +0200

Hi,
 
for me this works fine on a fully patched msie 6.0sp1 too. Firefox 0.8 doesn't seem to be vulnerable.
 
Greetz

Hi,

there is a security vulnerability in Firebox 0.92 (latest Version)

http://www.4rman.com/exploits/tinybmp.htm <http://www.4rman.com/exploits/tinybmp.htm> 

this link causes that your virutal memory will be rise up 1,2 GB used
Memory...

maybe Thunderbird 0.72 is also vulnerable via HTML.

credits to: StupidWhiteMan

--
  Best Regard thE_iNviNciblE
  ---------------------------
  Wissen ist Macht

Freie Meinung: http://www.your-mind-is-free.de.vu <http://www.your-mind-is-free.de.vu> 
IT-Security  : http://www.kid2elite.de.vu <http://www.kid2elite.de.vu> 
IT-Forum     : http://www.security-focus.de.vu <http://www.security-focus.de.vu>

 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Firefox 0.92 DoS via TinyBMP Prock Thomas (Jul 12)
- <Possible follow-ups>
- RE: Firefox 0.92 DoS via TinyBMP Andrew Poodle (Jul 12)