Network Security: Detailed info on Re: New Flaw in Firefox 2.0: DoS and possible remote code execution

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: New Flaw in Firefox 2.0: DoS and possible remote code execution

from [Daniel Veditz] Network Security

[Permanent Link]

Subject:	Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
Date:	Tue, 31 Oct 2006 13:56:21 -0800

xxxx@gmail.com wrote:

When you have a NULL pointer dereference a code execution is also possible, 
so you can't exclude it at all.
For example in this old flaw:
http://securitytracker.com/alerts/2006/Apr/1016001.html


In that example there was a way to influence the crash so that it was not null.
The Metasploit blog previously reported on a way to use a null dereference crash
to trigger a vulnerability in the windows SEH to run code (since fixed, and not
exploitable via Firefox as far as anyone can tell).

Neither of those conditions apply here, it's just a null dereference. In a debug
build you get

###!!! ASSERTION: Parsing didn't create a parser context?: 'mParserContext',
file c:/dev/ff2/mozilla/parser/htmlparser/src/nsParser.cpp, line 1882

This bug appears to have been fixed in the code that will become Firefox 3. This
crash is being tracked at https://bugzilla.mozilla.org/show_bug.cgi?id=358797

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
New Flaw in Firefox 2.0: DoS and possible remote code execution, xxxx Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Josh Bressers Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Gouki Re: Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, xxxx Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, Daniel Veditz <=

Previous by Date:	Re: freenews---> fileinclude, pokley
Next by Date:	[Full-disclosure] iDefense Security Advisory 10.31.06: Novell iManager Tomcat DoS Vulnerability, iDefense Labs
Previous by Thread:	Re: Re: New Flaw in Firefox 2.0: DoS and possible remote code execution, xxxx
Next by Thread:	Authentication bypass in BytesFall Explorer, RedTeam Pentesting
Indexes:	[Date] [Thread] [Top] [All Lists]