oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: browser document.cookie DoS vulnerability

From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 11 Oct 2013 22:32:54 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/11/2013 11:34 AM, Joel Weinberger wrote:

Hi there. Yes, we do CVEs, but in this case, we consider this very
low severity and will not be creating a CVE for it. Sorry for the
delayed response for it! --Joel


So to confirm you are saying this is NOT a security issue in any way
shape or form? I find this odd because DoS's in web browsers are often
considered CVE worthy. Is there something in this issue that prevent
exploitation/etc? If not then it deserves a CVE even if it is a "low"
issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBAgAGBQJSWND2AAoJEBYNRVNeJnmToBMP/3wdilLPfV39Wm2h0fasOxUB
ZiN1tWvslIxWsksFeO9xEQjS/MgNG6GfGoNpFt7uTl4NSb8ZQgkl7GWTGPJIyFnZ
7bpqRjdjxlKTqH68FW0vSCKCTZYt1o1DVv2ownmHogIsPfj7nbPYNZDYGB5bHsWy
TLBsJIPqyHbFX0Purqnw+QD7xXa3GnccAm58tzc2bxhKA/6t42+U0K/XFA8j+Jtm
TGQ3yOCCk6C+gDpl0N+WnjBSaMJmZ75XXlelWShQLLsK+KRovLfQpKumIaUKa7oR
Cq/61CN3Q0pTmkaHKwweVWgpFMZPCZJqY4Ddcej4zSSc5WaQJ9KgpABi0bXr1nDy
VAaYDBMkZ5LX1hcguE+V9J583xUvQdN2N3jy60+OBl3R4Thwzd3kofejaarausfd
N6RleZvVR+140KeG69HQ4CWmKkIatug+Y4N455xj/SHgdLTgJEmuu7GNIAMQePXH
OTuUjAhAfwahYpi+hwVTejYSlfcN4PS1MaMZOFIh09KoxXZYXV6LpbRJJP0j0ssb
n0oHk9uSRD6PDgU8UKfrAodcbdnd4Y31AP7G7hv0XUU1odPqK8D37eKqbr4KRCAj
RGuaP1jbRHqLE1UmTZg7g3/KfVk3QwGlZqXD676W8cOsDAGmRnnQm2y8K1dBTArZ
t/zfJi5xo298Cps0booP
=6DTV
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: