| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Mar 2007 11:56:59 -0400
From: "Kristian Hermansen \(khermans\)" <khermans@...co.com>
To: <full-disclosure@...ts.grok.org.uk>, <full-disclosure@...ts.grok.org.uk>
Subject: Re: firefox 2.0.0.2 crash
Firefox even crashes if you have it open and visit the site from lynx...
$ lynx http://people.zoy.org/~sam/firefox-crash-save-session-before-clicking.gif
Looking up people.zoy.org
Making HTTP connection to people.zoy.org
Sending HTTP request.
HTTP request sent; waiting for response.
HTTP/1.1 200 OK
Data transfer complete
/usr/bin/firefox '/tmp/XXXXggdfOe/L23367-1095TMP.gif'
lynx: Start file could not be found or is not text/html or text/plain
Exiting...
--
Kristian Hermansen
___
Date: Fri, 09 Mar 2007 20:31:40 +0200
From: T?nu Samuel <tonu@....ee>
Subject: [Full-disclosure] firefox 2.0.0.2 crash
To: full-disclosure@...ts.grok.org.uk
Message-ID: <1173465100.5229.48.camel@....jes.ee>
Content-Type: text/plain; charset=UTF-8
Can be dupe but in fast browsing over topics I did not discovered this
exploit:
http://people.zoy.org/~sam/firefox-crash-save-session-before-clicking.gif
I do NOT know anything else than this url. Just seen it in random
discussion and anyone else I asked knows nothing. Current tests indicate
that Mozilla 2.0.0.2 gets killed within second, 1.5.0.10 survives.
T?nu
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists