Re: [Full-disclosure] Firefox 2.0.0.3 Out-of-bounds memory access via specially crafted html file

From: Robert Wesley McGrew (wesleymcgrewsecurity.com)
Date: Tue May 01 2007 - 08:08:16 CDT


On 5/1/07, carl hardwick <hardwick.carlgmail.com> wrote:
> Product: Firefox 2.0.0.3
> Description: Out-of-bounds memory access via specially crafted html file
> Type: Remote
>
> Vulnerability can be exploited by using a large value in a href tag to
> create an out-of-bounds memory access.
>
> Proof Of Concept exploit:
> http://www.critical.lt/research/opera_die_happy.html

This doesn't work in Firefox 2.0.0.3 in Ubuntu 7.04. This sounds like
it might be another case of mistaken identity with the heap overflow
vulnerability in Nvidia blob drivers for Linux, as this was one way to
exploit it.

--
Robert Wesley McGrew
http://mcgrewsecurity.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/