Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
From: Jordan Cole (stilist) (stilistgmail.com)
Date: Mon Jul 12 2004 - 16:16:47 CDT
> This is precisely the point that almost everyone is missing
> completely (but still clamoring "it works on X, it doesn't work on
> Y"), and that Sapheriel pinpointed: the core problem lies in the
> Windows .bmp implementation.
> So, I wonder aloud, what is the purpose of publishing 'advisories'
> that misattribute this flaw to IE  or Firefox or any of the other
> hundreds or thousands of programs that use it and can be DoSed as a
Admittedly; but here's the question: if it's all the fault of Windows
.bmp implementation, or the fact that it's about a gig of data, why
are certain browsers (like mine) not vulnerable to it? I'm going to
the same page as anyone else...
Full-Disclosure - We believe in it.