Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Date: Wed Sep 03 2008 - 15:39:45 CDT
-----BEGIN PGP SIGNED MESSAGE-----
>Even though I had the vulnerability 4 hrs well before the real
>publication of the bug and had the exploit along with the some
>crash details like "int 3" Kernel Exception/Trap 0x01002FF3,
>different attack cases, exceptions of http/ftp and further debug
>logs; there was this bug published (though without the details of
>possible cases, exceptions and mouse hover techniques) couple of
>hours before I released it out at EvilFingers.
This is an out of bounds memory read that crashes the browser. It
is a major exaggeration to call this a vulnerability, especially
considering this is a beta browser. Not that others haven't already
said it, but people never seem to learn that a browser crash is a
stability issue, not a security issue.
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/