| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <000f01c3e025$2dda7850$0100a8c0@grotedoos> From: SkyLined at edup.tudelft.nl (Berend-Jan Wever) Subject: RE: Internet Explorer - Multiple Vulnerabilities I looked into the "buffer overflow": it's actually a stack overflow. This means Outlook Express just runs out of stack space and terminates. Nothing is overwritten, this is not exploitable to gain unauthorized access or elevate priviledges. Cheers, SkyLined > These are not IE vulnerabilities. > > In all, you have described several ways to do some basic ressource > exhaustion by using Internet Explorer as well as an abnomaly in the Apache > server and a possible exploitable buffer overflow in Outlook Express. The > latter is definitely interesting, provided it is exploitable at all, but the > first items are not security vulnerabilities - details below.
Powered by blists - more mailing lists