Bugtraq: Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Fri, 3 Nov 2006 12:08:55 +0300

Dear Jerome Athias,

I  said  NULL pointer is not exploitable _by itself_. Ability to control
unhandled  exception  filter is different vulnerability. NULL pointer in
this case is not exploitation vector, it's only used to initiate attack.

--Thursday, November 2, 2006, 10:01:19 PM, you wrote to 3APA3A () SECURITY NNOV RU:

JA> 3APA3A a écrit :

Dear xxxx () gmail com,

NULL pointer dereference is not exploitable to code execution by itself.

JA> Hi,

JA> you should be interested by this
JA> http://metasploit.blogspot.com/2006/08/putting-fun-in-browser-fun.html

JA> + a little tool
JA> https://www.securinfos.info/outils-securite-hacking/uSEH.rar

JA> /JA



-- 
~/ZARAZA
Íåïðèÿòíîñòè íà÷íóòñÿ â âîñåìü.  (Òâåí)

By Date By Thread

Current thread:

Re[3]: New Flaw in Firefox 2.0: DoS and possible remote code execution 3APA3A (Nov 01)
- Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Jerome Athias (Nov 06)
  - Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution 3APA3A (Nov 03)
- <Possible follow-ups>
- Re: New Flaw in Firefox 2.0: DoS and possible remote code execution Jan Heisterkamp (Nov 06)