| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 Nov 2006 09:35:58 +0100 From: "Tyop?" <tyoptyop@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: Firefox 1.5.0.7 Exploit On 11/2/06, Bram Dumolin <bdumolin@...il.com> wrote: > re, > On 2 Nov 2006 16:43:35 -0000, koenig@...-k-a-d-e-n-t.de > <koenig@...-k-a-d-e-n-t.de> wrote: > > > Do 2 Nov 16:35:53 CET 2006 > > > > Vulnerable: Firefox 1.5.0.7 and probably versions below > > > > Impact: DoS (perhaps Code Execution) > > > > > > As Firefox 2.0 was released a few days ago... > > A "new" Exploit for the old version! > > The great Firefox! ;D > > > > On Kubuntu Linux the exploits does not just kill firefox > > but freezes the whole system! Probably it will also freeze > > other distros! > > > > If the URL is bigger than 4092 bytes, Firefox crashes! > > The URL in the following code is 4093 bytes! > > No problem on Mac OS X 10.4.8 with firefox 1.5.0.7. firefox 1.5.0.7 on FreeBSD 7.0(september) and on Linux debian 2.6.17-2-686, Not affected. -- Tyop? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists