.
Curious ... I would have thought this one would be OS-agnostic.
[1] http://seclists.org/bugtraq/2009/May/0249.html
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=393832#c14
[3] http://www.mozilla.org/projects/svg/build.html (last paragraph)
Cheers,
Nick Boyce
--
A week in the lab saves
/something/ nasty happened to
your FF 3.5, if I understand you correctly.
Cheers
Nick Boyce
--
Leave the Olympics in Greece, where they belong.
Nick Boyce
--
Leave the Olympics in Greece, where they belong.
On Mon, Nov 24, 2008 at 11:39 PM, Damien Miller [EMAIL PROTECTED] wrote:
On Mon, 24 Nov 2008, Nick Boyce wrote:
Could someone please help the uncomprehending [i.e. me :-)] understand
why or whether this is anything to be worried about at all ?
Yes, the attack is very unlikely to work
the typical automated connection
per hour, this is hardly anything to worry about .. surely ?
Cheers
Nick Boyce
--
We make money the old-fashioned way: we EARN it
(due to application dependency), and I'd just like to know what our
exposure is.
The verbose product description is HP-UX Secure Shell
A.04.10.004/005, based on OpenSSH 4.1p1, part number T1471-90004.
You don't have to go on the record - be as anonymous as you need.
Thanks
Nick Boyce
--
The system
library and figure out what
'showStaff' does ... but I'd rather just click on an old-school link.
Cheers
Nick Boyce
--
I speak to all bloggers everywhere: just shut up for a second and let
me think, will you?
-- blog comment at http://it-gears.blogspot.com/ :-)
@ alias, only to get a bounce saying no such
address.
And in at least one case (org name escapes me now) the security@
alias turned out to be a *physical* security department, populated by
large gentlemen with peaked caps and bulging armpits ... so you can't
rely on security@.
Nick Boyce
--
I speak
also entice a user to
open a specially crafted web page, document or X client that will
trigger the buffer overflow.
um ... doesn't that make it a *remote* privilege escalation ?
Cheers,
Nick Boyce
--
The reason why worry kills more people than work is that more people
worry than work
On 5 Oct 2006 05:45:23 -, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
http://lcamtuf.coredump.cx/ffoxdie.html
this exploit still works with the latest Firefox 1.5.0.7 and Firefox 2.0 RC1
FWIW, I confirm it also works on Seamonkey 1.0.5 on WinXP.
Nick Boyce
--
Will no one rid me
from the major players, I wonder
whether more research is going on as we speak.
Thanks to all.
Nick Boyce
--
/* affect != effect */ void affect(int *thing,int effect) { *thing += effect; }
factor is at medium.
so I guess DoS is what it is ... but it would still be nice if someone
in the know could confirm the download pages are wrong anyone
from Microsoft here ?
Cheers
Nick Boyce
--
One way to make your old car run better is to look up the
price of a new model.
Always show remote images from this sender
Always show remote images
Nick Boyce
--
Never fdisk after midnight
if the interesting sounding
Core Force turns out to be user-friendly enough for lusers).
I found it inexplicable that Kerio decided to drop the product.
PS: anyone know if this project :
http://kerio.sourceforge.net/
is dead ?
Nick Boyce
--
Never fdisk after midnight.
14 matches
Mail list logo