Full Disclosure mailing list archives

Re: Mozilla Firefox "Host:" Buffer Overflow

From: Heikki Toivonen <heikki () osafoundation org>
Date: Fri, 09 Sep 2005 00:21:07 -0700

Tom Ferris wrote:

Vendor Status:
Mozilla was notified, and im guessing they are working on a patch. Who
knows though?


That seems like a gross mischaracterization, at least by looking at the
Bugzilla bug filed by you which I believe this corresponds to. The bug
was reported two days ago (Sep 6), the first comment came less than an
hour after that, and the first attempted fix was attached less than two
hours after the bug was filed. Further comments explained how it was
proving hard to find what and where was actually going wrong to put in
the right fix. 10 replies total in less than two days. To me it seems
obvious work is being done.

-- 
  Heikki Toivonen

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Mozilla Firefox "Host:" Buffer Overflow Tom Ferris (Sep 08)
- Re: Mozilla Firefox "Host:" Buffer Overflow Heikki Toivonen (Sep 09)
  - Re: Mozilla Firefox "Host:" Buffer Overflow n e w s (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
  - Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)
    - RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
    - RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
    - RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
    - RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
    - RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
    - Re: Mozilla Firefox "Host:" Buffer Overflow Andrew R. Reiter (Sep 09)
    - Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)

(Thread continues...)