<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Bugtraq: Netscape 4 DoS/Possibly exploitable buffer overflow.

Netscape 4 DoS/Possibly exploitable buffer overflow.

From: Laslo Orto <laslo_at_CPOL.COM>
Date: Mon, 12 Jan 1998 16:23:34 -0500

I've never seen this posted/discussed anywhere before, so here it goes.

Netscape (version verified is 4.03) has a buffer overflow bug in their
bookmarks code. When somebody goes to a web page with a very long title
(6-8k) and then s/he bookmarks the page, netscape will start crashing at
loading bookmark.htm on startup. It's similar to the IE4 bug discovered
not long ago, but here you have to get the victim to bookmark the attackers
page.

Laslo Orto Computer Pages / Better.Net
Systems Administrator 253 Sheppard Ave. West
laslo_at_cpol.com / laslo_at_Better.net Toronto, Canada M2N 1N2
www.cpol.com / www.better.net Ph: +1 416 225 3030
Fax: +1 416 225 6737
Received on Jan 12 1998

This message: [ Message body ]
Next message: Aleph One: "Q179129: STOP 0x0000000A Due to Modified Teardrop Attack"
Previous message: Ruth Milner [VLA]: "update on Solaris 2.6 security logging"
In reply to: Riku Meskanen: "perl version of that tin opener (IOS decrypt.c)"
Next in thread: Aleph One: "Q179129: STOP 0x0000000A Due to Modified Teardrop Attack"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos