Bugtraq mailing list archives
Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Fri, 3 Nov 2006 12:08:55 +0300
Dear Jerome Athias, I said NULL pointer is not exploitable _by itself_. Ability to control unhandled exception filter is different vulnerability. NULL pointer in this case is not exploitation vector, it's only used to initiate attack. --Thursday, November 2, 2006, 10:01:19 PM, you wrote to 3APA3A () SECURITY NNOV RU: JA> 3APA3A a écrit :
Dear xxxx () gmail com, NULL pointer dereference is not exploitable to code execution by itself.
JA> Hi, JA> you should be interested by this JA> http://metasploit.blogspot.com/2006/08/putting-fun-in-browser-fun.html JA> + a little tool JA> https://www.securinfos.info/outils-securite-hacking/uSEH.rar JA> /JA -- ~/ZARAZA Íåïðèÿòíîñòè íà÷íóòñÿ â âîñåìü. (Òâåí)
Current thread:
- Re[3]: New Flaw in Firefox 2.0: DoS and possible remote code execution 3APA3A (Nov 01)
- Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Jerome Athias (Nov 06)
- Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution 3APA3A (Nov 03)
- <Possible follow-ups>
- Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Jan Heisterkamp (Nov 06)
- Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Jerome Athias (Nov 06)