Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
Maybe one day it will be exploited as a bug. On Wed, Dec 17, 2008 at 12:28 PM, Andrew Farmer wrote: > On 16 Dec 08, at 11:49, carl hardwick wrote: > > New unpatched security flaw found in Firefox 3.0.4 > > PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699 > > Relevant bug is https://bugzilla.mozilla.org/show_bug.cgi?id=416907 > > This doesn't appear to be security-critical - it's a NULL dereference. > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- http://www.astorandblack.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
On 16 Dec 08, at 11:49, carl hardwick wrote: > New unpatched security flaw found in Firefox 3.0.4 > PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699 Relevant bug is https://bugzilla.mozilla.org/show_bug.cgi?id=416907 This doesn't appear to be security-critical - it's a NULL dereference. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
Hmm, Why not link the bug posting itself, why not wait until patched? ch> New unpatched security flaw found in Firefox 3.0.4 ch> PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699 nsHTMLFramesetFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, nsHTMLReflowState const&, unsigned int&) http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/layout/generic/nsFrameSetFrame.cpp&rev=3.210&mark=1156#1156 -- http://secdev.zoller.lu Thierry Zoller ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] new unpatched security flaw found Firefox 3.0.4
New unpatched security flaw found in Firefox 3.0.4 PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/