Bugtraq mailing list archives
Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)
From: Ismail Dönmez <ismail () pardus org tr>
Date: Sun, 25 Feb 2007 20:11:32 +0200
On Sunday 25 February 2007 18:57:47 Stan Bubrouski wrote:
On 2/25/07, Daniel Veditz <dveditz () cruzio com> wrote:Michal Zalewski wrote:A quick test case that crashes while trying to follow partly user-dependent corrupted pointers near valid memory regions (can be forced to write, too): http://lcamtuf.coredump.cx/ietrap/testme.html Firefox problem is being tracked here: https://bugzilla.mozilla.org/show_bug.cgi?id=371321This bug was fixed in 2.0.0.2, released Friday Feb 23.No it most certainly wasn't, do your homework next time.
Well surely someone didn't so his homework but its not Daniel, see https://bugzilla.mozilla.org/show_bug.cgi?id=371321 . -- Ismail Donmez ismail (at) pardus.org.tr GPG Fingerprint: 7ACD 5836 7827 5598 D721 DF0D 1A9D 257A 5B88 F54C Pardus Linux / KDE developer
Current thread:
- Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) Michal Zalewski (Feb 23)
- Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) Daniel Veditz (Feb 26)
- Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) Stan Bubrouski (Feb 26)
- Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) Ismail Dönmez (Feb 26)
- Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) Michal Zalewski (Feb 26)
- Message not available
- Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) Michal Zalewski (Feb 27)
- Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) Stan Bubrouski (Feb 26)
- Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) Daniel Veditz (Feb 26)