Re: firefox 2.0.0.2 crash

["Jason Areff" <hailtheczar () gmail com>]

Yeah, firefox is prone if it's set as your GIF file handler, schmarty.

On 3/12/07, Kristian Hermansen (khermans) <khermans () cisco com> wrote:
>  Firefox even crashes if you have it open and visit the site from lynx...
>
> $ lynx
> http://people.zoy.org/~sam/firefox-crash-save-session-before-clicking.gif<http://people.zoy.org/%7Esam/firefox-crash-save-session-before-clicking.gif>
>
> Looking up people.zoy.org
> Making HTTP connection to people.zoy.org
> Sending HTTP request.
> HTTP request sent; waiting for response.
> HTTP/1.1 200 OK
> Data transfer complete
> /usr/bin/firefox '/tmp/XXXXggdfOe/L23367-1095TMP.gif'
>
> lynx: Start file could not be found or is not text/html or text/plain
>       Exiting...
> --
> Kristian Hermansen
>
> ___
> Date: Fri, 09 Mar 2007 20:31:40 +0200
> From: T?nu Samuel <tonu () jes ee>
> Subject: [Full-disclosure] firefox 2.0.0.2 crash
> To: full-disclosure () lists grok org uk
> Message-ID: <1173465100.5229.48.camel () duo jes ee>
> Content-Type: text/plain; charset=UTF-8
>
> Can be dupe but in fast browsing over topics I did not discovered this
> exploit:
>
> http://people.zoy.org/~sam/firefox-crash-save-session-before-clicking.gif<http://people.zoy.org/%7Esam/firefox-crash-save-session-before-clicking.gif>
>
>
> I do NOT know anything else than this url. Just seen it in random
> discussion and anyone else I asked knows nothing. Current tests indicate
> that Mozilla 2.0.0.2 gets killed within second, 1.5.0.10 survives.
>
>    T?nu
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/