|
Bugtraq
mailing list archives
Re: JPEG COM Marker Processing Vulnerability in Netscape Browsers
From: Solar Designer <solar () FALSE COM>
Date: Thu, 27 Jul 2000 19:43:58 +0400
I have found that Netscape 4.74 is vulnerable, if you choose
"View Page Source" in the right-click-menu....
(Only tested on FreeBSD4.0)
We've exchanged a few e-mails with Isak regarding this, and the
conclusion is that Netscape 4.74 is indeed NOT vulnerable, including
on FreeBSD:
Well, my guess is that it crashes due to some other error (related to
the GUI) in this case. The JPEG file isn't even interpreted when you
view it as "source"; what you get is a very long line of text.
That "View Page Source" crash should be investigated, as it's a bug
(not necessarily in Netscape itself) and can theoretically turn out
to be another vulnerability, -- but I can't reproduce it.
Signed,
Solar Designer
 By Date 
By Thread
Current thread:
|
Intro
