Full Disclosure mailing list archives
RE: Mozilla Firefox "Host:" Buffer Overflow
From: "Bruce Ediger" <eballen1 () qwest net>
Date: Fri, 9 Sep 2005 15:19:21 -0600 (MDT)
On Fri, 9 Sep 2005, Larry Seltzer wrote:
Well, MSFT is going to issue a critical patch next Tuesday. Maybe this is a shiny object, intended to divert some media pressure away from an MSFT design botch.Allright, maybe I haven't listened to enough Air America lately, so help me out with how this conspiracy works. Are you saying that Tom Ferris is a Microsoft stooge and the fact that he only announced a critical IE vulnerability without providing details or a POC, whereas he provided both for a critical vulnerability in Firefox, was done because Microsoft paid him to do so? Because that seems to be the essence of what you're implying.
Sure, that's exactly it. The IE vulnerability without POC doesn't get any "days of exposure" or whatever it is that MSFT uses to calculate how bad Mozilla and Firefox are vs IE. The Firefox details and POC causes instant exposure, and gets much worse bad press. Look at what else has turned up in the "trade press" lately (within the last 2 weeks): ZDNet Australia denigrates Mac security: http://zdnet.com.au/news/security/soa/Mac_community_must_wake_up_to_security/0,2000061744,39210762,00.htm Kaspersky beats the "Linux is next!" drum: http://www.linuxplanet.com/linuxplanet/reports/5997/1/ Shiny objects for the press to fixate on everywhere, I tell you! If you can get a hold of a copy of the now-defunt "Brill's Content" magazine for September of 1998, you can read a big expose' of the way MSFT deals with reporters and trade pressmen. I doubt that any money changes hands on these things. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Mozilla Firefox "Host:" Buffer Overflow Tom Ferris (Sep 08)
- Re: Mozilla Firefox "Host:" Buffer Overflow Heikki Toivonen (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow n e w s (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Heikki Toivonen (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Andrew R. Reiter (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Andrew R. Reiter (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow milw0rm Inc. (Sep 09)
- <Possible follow-ups>
- Re: Mozilla Firefox "Host:" Buffer Overflow ipatches (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Adam Polkosnik (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)