| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6C822FACDE1C534CA72836EC615EFC4DB3FDD8@mail.dm.local> Date: Wed Dec 21 12:38:48 2005 From: cmacfarlane at Drummond-Miller.co.uk (Cassidy Macfarlane) Subject: happy new year. Yup, OK, it is, but you can still colour me surprised that this is a 'windows' DoS, as opposed to an IE issue. I obviously missed that info when this was found. As it is a kernel/memory issue, as opposed to a jpg/img/processing bug, does this not mean ANY windows app is vuln to an oversize-referenced img? So a single HTML mail could effectively re-boot a windoze PC(?).... Wonder if there's a bit of 'elbow room' in this crash buffer...... -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Wernfried Haas Sent: 21 December 2005 12:00 To: full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] happy new year. Am i missing something, but isn't this the same thing we already had a while ago? See the attached pdf in http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-05/0069.html On Wed, Dec 21, 2005 at 09:35:01AM -0000, Cassidy Macfarlane wrote: > MOZILLA 1.7 (!) Also killed my mozilla on Linux (not immedeately, had to scroll around a bit to make it crash). cheers, Wernfried -- Wernfried Haas (amne) - amne at gentoo dot org Gentoo Forums: http://forums.gentoo.org IRC: #gentoo-forums on freenode - email: forum-mods at gentoo dot org
Powered by blists - more mailing lists