Re: [webkit-dev] Regarding CVE-2014-1303

Darin, Thanks for your information, I sent the email to secur...@webkit.org. Michael, I wrote the background in the email sent to secur...@webkit.org. Thank your for your help. Jopoxs On Mon, Mar 7, 2016 at 10:19 AM, Michael Catanzaro wrote: > On Mon, 2016-03-07 at 08:45 -0800, Darin Adler wr

Re: [webkit-dev] Regarding CVE-2014-1303

On Mon, 2016-03-07 at 08:45 -0800, Darin Adler wrote: > If you have a specific legitimate reason that you need to know more > information about this particular bug, then you’ll need to state the > reason, and given what it says on that webpage, you should send the > inquiry to secur...@webkit.org r

Re: [webkit-dev] Regarding CVE-2014-1303

Much of the information about WebKit security bugs and their fixes is available only to members of the WebKit Security Group. Details here . Typically there is no critical reason for someone outside that group needs the specifics of one particular bug that w

Re: [webkit-dev] Regarding CVE-2014-1303

Hello, I'm looking forward to get any comment about CVE-2014-1303. Regards, Jopoxs On Fri, Mar 4, 2016 at 7:54 PM, My shin wrote: > Hello, > > Is there someone who knows well how to solve CVE-2014-1303 in WebKit? > > What is CVE-2014-1303? > Heap-based buffer overflow in Apple Safari 7.0.2 all

[webkit-dev] Regarding CVE-2014-1303

Hello, Is there someone who knows well how to solve CVE-2014-1303 in WebKit? What is CVE-2014-1303? Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen d