Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Firefox 0.92 DoS via TinyBMP
From: "Jordan Cole (stilist)" <stilist () gmail com>
Date: Mon, 12 Jul 2004 17:16:47 -0400

This is precisely the point that almost everyone is missing
completely (but still clamoring "it works on X, it doesn't work on
Y"), and that Sapheriel pinpointed: the core problem lies in the
Windows .bmp implementation.

So, I wonder aloud, what is the purpose of publishing 'advisories'
that misattribute this flaw to IE [1] or Firefox or any of the other
hundreds or thousands of programs that use it and can be DoSed as a

Admittedly; but here's the question: if it's all the fault of Windows
.bmp implementation, or the fact that it's about a gig of data, why
are certain browsers (like mine) not vulnerable to it? I'm going to
the same page as anyone else...



Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]