| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <448e9a320907211305h213a32dcy6cafb1b4c7f192d3@mail.gmail.com> Date: Tue, 21 Jul 2009 13:05:24 -0700 From: Michal Zalewski <lcamtuf@...edump.cx> To: Thierry Zoller <Thierry@...ler.lu> Cc: bugtraq <bugtraq@...urityfocus.com>, full-disclosure <full-disclosure@...ts.grok.org.uk>, info@...cl.etat.lu, vuln@...unia.com, cert@...t.org, nvd@...t.gov, cve@...re.org Subject: Re: Re[2]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3.... > Yes, we all know that. The flaw here was not looping on itself a > thousands of times, wow. It was a DOM implementation flaw. The code created an oversized list, which does not seem to be that far from creating an overly nested DOM tree, or drawing an oversized CANVAS shape, or any other creating-too-many-things-for-the-renderer-to-handle attacks... but really, I'm not trying to be dismissive, just saying that a more holistic approach might be more beneficial in the long run. /mz
Powered by blists - more mailing lists