[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040712185230.GA5620@comcast.net>
From: st3ng4h at comcast.net (st3ng4h)
Subject: Firefox 0.92 DoS via TinyBMP
On Mon, Jul 12, 2004 at 07:14:02PM +0200, David Huecking wrote:
> Hmm, very funny modified BMPs?!
[snip]
> So we see the true nature of this picture.
This is precisely the point that almost everyone is missing
completely (but still clamoring "it works on X, it doesn't work on
Y"), and that Sapheriel pinpointed: the core problem lies in the
Windows .bmp implementation.
So, I wonder aloud, what is the purpose of publishing 'advisories'
that misattribute this flaw to IE [1] or Firefox or any of the other
hundreds or thousands of programs that use it and can be DoSed as a
result?
st3ng4h
[1] http://www.securityfocus.com/archive/1/360166
Powered by blists - more mailing lists