Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

dailydave logo Dailydave mailing list archives

Re: Firefox bugs
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Tue, 3 Oct 2006 20:33:45 +0300 (EEST)
CNET TV Video Hackers claim Firefox zero-day flaw
about the presentation:
http://news.com.com/1606-2_3-6121987.html

- Juha-Matti


Dave Aitel <dave () immunityinc com> wrote: 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Didn't you post on your weblog some stuff about Chrome: being buggy?
It's completely believable to have a chrome: context issue in Firefox.
I recall you said something about iterators, but I don't have a
Mozilla developer account so I can't look at the diff.

Are the slides/full PoC available publicly?
- -dave

Thor Larholm wrote:

Their PoC, both the one in their slides and the full PoC, is
nothing more than an out-of-memory crash, of which Firefox already
has plenty. They were still struggling to write a working exploit
days after the presentation, even though they claimed to have just
that during the presentation.

Long story short, the bug is just a bug - not a vulnerability.


Regards Thor Larholm


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]