[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200407122335.10039.fulldisc@ultratux.org>
From: fulldisc at ultratux.org (Maarten)
Subject: Firefox 0.92 DoS via TinyBMP
On Monday 12 July 2004 20:52, st3ng4h wrote:
> On Mon, Jul 12, 2004 at 07:14:02PM +0200, David Huecking wrote:
> > Hmm, very funny modified BMPs?!
>
> [snip]
>
> > So we see the true nature of this picture.
>
> This is precisely the point that almost everyone is missing
> completely (but still clamoring "it works on X, it doesn't work on
> Y"), and that Sapheriel pinpointed: the core problem lies in the
> Windows .bmp implementation.
Well, _if_ it does. What is actually happening is that you load a graphic
with a massive resolution. Linking to a page with a 4400 MB jpeg isn't
exactly what I'd call a DoS, but the effect sure looks like it though ;-)
However... maybe I was jumping to conclusions too quick...
Since, for the record, Mozilla on linux doesn't suffer anything.
Or so it seems.
Maarten
--
Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO CARRIER
Powered by blists - more mailing lists