lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 28 Sep 2007 13:48:39 -0400
From: <full-disclosure@...hmail.com>
To: <hardwick.carl@...il.com>,<jimbysharp@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Firefox 2.0.0.7 has a very serious
	calculation bug

Dear Jimby,

Please read the list charter.  

What if this issue has security implications that we are unaware 
of?  It is important to saturate this list with any and all reports 
of software misbehavior (or perceived misbehavior) so that Vladis 
and the other aged mailing list participants can show off that they 
have nothing to offer aside from stale sarcastic responses.

"yo dude i was first poster on teh bugtraq in 1992ad and haven't 
shut up  since and am moar stupid that teh blue baor but i will not 
shut up"
     -vladis clitus 

Shut up Vladis.

On Fri, 28 Sep 2007 12:35:11 -0400 Jimby Sharp 
<jimbysharp@...il.com> wrote:
>How is this serious and is it related to security in any manner? 
>If
>not, please do not spam. :-(
>
>And go and learn some floating point maths.
>
>On 9/28/07, carl hardwick <hardwick.carl@...il.com> wrote:
>> There's a flaw in Firefox 2.0.0.7 allows javascript to execute 
>wrong
>> subtractions.
>>
>> PoC concept here:
>> javascript:5.2-0.1
>> (copy this code into address bar)
>>
>> Firefox 2.0.0.7 result: 5.1000000000000005 (WRONG!)
>> Internet Explorer 7 result: 5.1 (OK)
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/

--
Click here to see the world and find great teaching positions abroad.
http://tagline.hushmail.com/fc/Ioyw6h4dBblxrXgOig5M4LZFilyzN7rXjQOCUVZTz1iFMiPHCFgqQA/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ