Full Disclosure mailing list archives
Re: Firefox 1.5.0.7 Exploit
From: "Tyop?" <tyoptyop () gmail com>
Date: Fri, 3 Nov 2006 09:35:58 +0100
On 11/2/06, Bram Dumolin <bdumolin () gmail com> wrote:
re, On 2 Nov 2006 16:43:35 -0000, koenig () d-e-k-a-d-e-n-t de <koenig () d-e-k-a-d-e-n-t de> wrote:Do 2 Nov 16:35:53 CET 2006 Vulnerable: Firefox 1.5.0.7 and probably versions below Impact: DoS (perhaps Code Execution) As Firefox 2.0 was released a few days ago... A "new" Exploit for the old version! The great Firefox! ;D On Kubuntu Linux the exploits does not just kill firefox but freezes the whole system! Probably it will also freeze other distros! If the URL is bigger than 4092 bytes, Firefox crashes! The URL in the following code is 4093 bytes!No problem on Mac OS X 10.4.8 with firefox 1.5.0.7.
firefox 1.5.0.7 on FreeBSD 7.0(september) and on Linux debian 2.6.17-2-686, Not affected. -- Tyop? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Firefox 1.5.0.7 Exploit Tyop? (Nov 03)
- Re: Firefox 1.5.0.7 Exploit Lubomir Kundrak (Nov 06)