Well, just tested the "mozilla_die1.html" on Firefox. Guess what, it crashed. ( Firefox 0.10, compiled on Gentoo Linux) :-(
The files can be found following the link "go here" on the demo-site. best regards Marko Steinberger Nebergall, Christopher schrieb: > Slashdot pointed to some articles about this in English. > > http://it.slashdot.org/article.pl?sid=04/10/19/0236213&tid=113&tid=128&t > id=154&tid=218 > > http://www.securityfocus.com/archive/1/378632/2004-10-15/2004-10-21/0 > > Besides the randomly generated code which will supposedly Mozilla (I > must not have used it long enough, I couldn't get firefox to die), they > mention specific files they have kept which will kill Mozilla named > mozilla_die?.htm. > > -Christopher > > -----Original Message----- > From: Marko Steinberger [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 20, 2004 10:50 AM > To: [EMAIL PROTECTED] > Subject: Only MS ie a robust browser? > > Hello, > > today there was a short article posted in german www.heise.de > (http://www.heise.de/newsticker/meldung/52317), that reported about some > studies a polish security expert called Michal Zalewski made towards the > handling of improper HTMl-pages. Testing candidates where Internet > Explorer, Mozilla, Firefox and Opera. With the ie alternatives he > expierienced the most crashes, buffer overflows etc. as the article > pointed out. > He has published some test cases. You can find them following the Link > called "Demonstration" (BE CAREFUL !) in the article found in the above > URL. I've just a few of them myself with Mozilla 1.7.3 resulting in > Mozilla crashing. > > So I suggest that any Developer should have a look at this, because > advantage in security above ie is a big reason for why people begin to > choose more and more ie alternatives like e.g. Firefox. > > best regards > Marko Steinberger > _______________________________________________ > Mozilla-security mailing list > [EMAIL PROTECTED] > http://mail.mozilla.org/listinfo/mozilla-security > > _______________________________________________ Mozilla-security mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-security
