subject:"\[Full\-disclosure\] new unpatched security flaw found Firefox 3.0.4"

Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4

2008-12-17 Thread James Matthews

Maybe one day it will be exploited as a bug.

On Wed, Dec 17, 2008 at 12:28 PM, Andrew Farmer  wrote:

> On 16 Dec 08, at 11:49, carl hardwick wrote:
> > New unpatched security flaw found in Firefox 3.0.4
> > PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699
>
> Relevant bug is https://bugzilla.mozilla.org/show_bug.cgi?id=416907
>
> This doesn't appear to be security-critical - it's a NULL dereference.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
http://www.astorandblack.com
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4

2008-12-17 Thread Andrew Farmer

On 16 Dec 08, at 11:49, carl hardwick wrote:
> New unpatched security flaw found in Firefox 3.0.4
> PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699

Relevant bug is https://bugzilla.mozilla.org/show_bug.cgi?id=416907

This doesn't appear to be security-critical - it's a NULL dereference.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4

2008-12-16 Thread Thierry Zoller

Hmm,
Why not link the bug posting itself, why not wait until patched?
ch> New unpatched security flaw found in Firefox 3.0.4
ch> PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699

nsHTMLFramesetFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, 
nsHTMLReflowState const&, unsigned int&)
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/layout/generic/nsFrameSetFrame.cpp&rev=3.210&mark=1156#1156

-- 
http://secdev.zoller.lu
Thierry Zoller

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] new unpatched security flaw found Firefox 3.0.4

2008-12-16 Thread carl hardwick

New unpatched security flaw found in Firefox 3.0.4
PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4

Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4

Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4

[Full-disclosure] new unpatched security flaw found Firefox 3.0.4

4 matches

Site Navigation

Mail list logo

Footer information