Full Disclosure mailing list archives
Re: Firefox 2.0.0.7 has a very serious calculation bug [FIB FOUND/CONFIRMED]
From: blah <blah () blakogre com>
Date: Fri, 28 Sep 2007 10:39:10 -0700
IE7 was fine for me, showed up in FF 2.0.0.7 However, I think it's much wider-spread than initially thought. I found the same most unsettling results using: javascript:4.2-0.1 javascript:3.2-0.1 javascript:2.2-0.1 I did not have time to try more, but obviously all of you can see the possibilities. Because it appears this works with any number, I've dubbed it the FIB, (Firefox Infinite Bug). I think this should get its own exploit category, too, since assuredly, perhaps one day, this will be exploitable. On 9/28/07, Steven Adair <steven () securityzone org> wrote:
So are we dealing with an RDCB (Recently Disclosed Calculation Bug) or was this just a mistake? StevenActually, I see 5.1000000000000005 in both browsers. Larry Seltzer eWEEK.com Security Center Editor
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Firefox 2.0.0.7 has a very serious calculation bug [FIB FOUND/CONFIRMED] blah (Sep 28)
- Re: Firefox 2.0.0.7 has a very serious calculation bug [FIB FOUND/CONFIRMED] Larry Seltzer (Sep 28)
- Re: Firefox 2.0.0.7 has a very serious calculation bug [FIB FOUND/CONFIRMED] Susam Pal (Sep 29)