lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <200703100257.28949.mihai.dontu@gmail.com>
Date: Sat, 10 Mar 2007 02:57:28 +0200
From: Mihai Dontu <mihai.dontu@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: firefox 2.0.0.2 crash

On Friday 09 March 2007 20:31, Tõnu Samuel wrote:
> Can be dupe but in fast browsing over topics I did not discovered this
> exploit:
> 
> http://people.zoy.org/~sam/firefox-crash-save-session-before-clicking.gif
> 
> 
> I do NOT know anything else than this url. Just seen it in random
> discussion and anyone else I asked knows nothing. Current tests indicate
> that Mozilla 2.0.0.2 gets killed within second, 1.5.0.10 survives.
> 
>    Tõnu
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

   Nasty one.
   However, it's not an actual crash (no core left), rather a problem with the way X events are handled.

"
The program 'firefox-bin' received an X Window System error.
This probably reflects a bug in the program.
The error was 'BadAlloc (insufficient resources for operation)'.
  (Details: serial 55510 error_code 11 request_code 53 minor_code 0)
  (Note to programmers: normally, X errors are reported asynchronously;
   that is, you will receive the error a while after causing it.
   To debug your program, run it with the --sync command line
   option to change this behavior. You can then get a meaningful
   backtrace from your debugger if you break on the gdk_x_error() function.)
"

-- 
Mihai Donțu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ