Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Firefox 0.92 DoS via TinyBMP & Thunderbird 0.72 & Outlook Express (latest Version)
From: thE_iNviNciblE <the_invincible () gmx de>
Date: Mon, 12 Jul 2004 21:59:02 +0200


i can confirm this bug für Thunderbird 0.72, but the behavior(you don't
really detect this bug) isn't so stupid as like by Outlook Express 6
(Total Crash up to Systemcrash, if you do enough *.bmp in the eMail)

<IMG ... src="http://www.4rman.com/exploits/little.bmp"; .....

i know this exploit is pretty old, but has someone testet it against
Anti Virus Programs?

other famous picture Viewer detect this bug...

  MfG thE_iNviNciblE
  Wissen ist Macht

Freie Meinung: http://www.your-mind-is-free.de.vu
IT-Security  : http://www.kid2elite.de.vu
IT-Forum     : http://www.security-focus.de.vu

thE_iNviNciblE wrote:

there is a security vulnerability in Firebox 0.92 (latest Version)


this link causes that your virutal memory will be rise up 1,2 GB used Memory...

maybe Thunderbird 0.72 is also vulnerable via HTML.

credits to: StupidWhiteMan

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]