/allocation-size-overflow/innerhtml/ (This might
crash your browser.)
Susam Pal
http://blog.susam.in/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
, it is a bug in the
JavaScript code and not a bug in Firefox.
Regards,
Susam Pal
http://susam.in/
On 9/28/07, blah [EMAIL PROTECTED] wrote:
IE7 was fine for me, showed up in FF 2.0.0.7
However, I think it's much wider-spread than initially thought. I
found the same most unsettling results
point issues while
programming.
Similarly, if someone doesn't take care of the floating point behavior
while writing code in JavaScript, we should say that the JavaScript code
has the bug instead of saying that the bug is in Firefox.
Regards,
Susam Pal
http://susam.in/
carl hardwick wrote
be on many implementations because some precision is lost in float
type 0.7.
So, I wanted to highlight that these issues are to be taken care of by
the programmer. Hence, we should not say that the flaw is in Firefox.
Regards,
Susam Pal
http://susam.in/
Brian Kim wrote, On Saturday 29 September 2007
in the
comments.
Regards,
Susam Pal
http://susam.in/
domain? I already know them because it is my website.
Regards,
Susam Pal
http://susam.in/
Daniele Costa wrote, On Saturday 11 August 2007 10:52 PM:
--
BLOGGER XSS VULNERABILITY
is the page where
the script is hosted. The script present in Wikipedia exploits the XSS
vulnerability in HomestayFinder's Dictionary.aspx script.
Regards,
Susam Pal
Matjaz Debelak writes:
Well, it does not appear to work for me in any browser (tested Firefox
2.0.0.3 and Konqueror).
LP
that it takes a pretty long time for the
session to expire. So, the user of a compromised account has to either
wait for the session to expire or hope that Google does something to
terminate the sessions of the users who have logged out.
Regards,
Susam Pal
http://susam.in/
Neeraj Agarwal wrote
Google Re-authentication Bypass with SID and LSID cookies
This document is also available at:-
http://susam.in/security/advisory-2007-06-29.txt
Researcher:-
Susam Pal
Type:-
Session management error
Timeline:-
2007-06-21 - Discovered
2007-06-22 - Reported to vendor
2007-06-29 - Public
In the 'Vulnerability' section, the URL to the previous advisory is
mentioned as:-
http://susam.in/security/advisory-2007-06-21.txt
This is incorrect. The correct URL is:-
http://susam.in/security/advisory-2007-06-22.txt
Regards,
Susam Pal
[EMAIL PROTECTED]
http://susam.in/
Susam Pal wrote
side
which is not happening in case of Orkut sessions.
Regards,
Susam Pal
[EMAIL PROTECTED]
http://susam.in/
On 6/29/07, Susam Pal [EMAIL PROTECTED] wrote:
Google Re-authentication Bypass with SID and LSID cookies
This document is also available at:-
http://susam.in/security/advisory
Orkut Server Side Session Management Error
The most recent version of this document is available at:-
http://susam.in/security/advisory-2007-06-22.txt
Release date:-
22 June, 2007
Type:-
Session management error
Authors:-
Susam Pal, Vipul Agarwal
Researchers:-
Susam Pal, Vipul Agarwal, Gaurav