Full Disclosure mailing list archives

Re: Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)


From: "Stan Bubrouski" <stan.bubrouski () gmail com>
Date: Sun, 25 Feb 2007 13:27:19 -0500

The test on that page still puts my 2.0.0.2 in a completely unusable
state; try it yourself and let me know what happens.

-sb

On 2/25/07, Ismail Dönmez <ismail () pardus org tr> wrote:
On Sunday 25 February 2007 18:57:47 Stan Bubrouski wrote:
On 2/25/07, Daniel Veditz <dveditz () cruzio com> wrote:
Michal Zalewski wrote:
A quick test case that crashes while trying to follow partly
user-dependent corrupted pointers near valid memory regions (can be
forced to write, too):

  http://lcamtuf.coredump.cx/ietrap/testme.html

Firefox problem is being tracked here:
  https://bugzilla.mozilla.org/show_bug.cgi?id=371321

This bug was fixed in 2.0.0.2, released Friday Feb 23.

No it most certainly wasn't, do your homework next time.

Well surely someone didn't do his homework but it's not Daniel, see
https://bugzilla.mozilla.org/show_bug.cgi?id=371321 .


--
Ismail Donmez ismail (at) pardus.org.tr
GPG Fingerprint: 7ACD 5836 7827 5598 D721 DF0D 1A9D 257A 5B88 F54C
Pardus Linux / KDE developer


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

