Network Security: Detailed info on Re: Mozilla Firefox (tested on 0.9.3) html-code crash.

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: Mozilla Firefox (tested on 0.9.3) html-code crash.

from [Michal Zalewski] Network Security

[Permanent Link]

Subject:	Re: Mozilla Firefox (tested on 0.9.3) html-code crash.
Date:	Fri, 29 Oct 2004 10:46:23 +0200 (CEST)

On Mon, 25 Oct 2004, ducch apple wrote:

Viewing a page with the content:

<HTML><INPUT^@AAAAAAAAAA>

Would cause Firefox to crash.


Indeed (note that ^@ stands for character 0x00). This happens to be a
carbon copy of one of the test cases I posted a while ago in the "Web
browsers - a mini farce" thread. This very problem is already fixed in
nightly builds of Mozilla for quite a while.

You probably should either attribute it properly, or refrain from
re-posting problems reported just days ago altogether...

-- 
------------------------- bash$ :(){ :|:&};: --
 Michal Zalewski * [http://lcamtuf.coredump.cx]
    Did you know that clones never use mirrors?
--------------------------- 2004-10-29 10:44 --

   http://lcamtuf.coredump.cx/photo/current/

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Mozilla Firefox (tested on 0.9.3) html-code crash., ducch apple Re: Mozilla Firefox (tested on 0.9.3) html-code crash., Crispin Cowan Re: Mozilla Firefox (tested on 0.9.3) html-code crash., Michal Zalewski <=

Previous by Date:	[Full-Disclosure] [ GLSA 200410-31 ] Archive::Zip: Virus detection evasion, Thierry Carrez
Next by Date:	local buffer overflow in htpasswd for apache 1.3.31 not fixed in .33?, Larry Cashdollar
Previous by Thread:	Re: Mozilla Firefox (tested on 0.9.3) html-code crash., Crispin Cowan
Next by Thread:	Fake RedHat - Fedora Security Patch / Trojan Source Code & Analysis, K-OTiK Security
Indexes:	[Date] [Thread] [Top] [All Lists]